What Should My Organization Do To Prepare For a Data Breach?

Forensicon Blog Interview: Attorney Jena M. Valdetero

Forensicon interviews privacy and data breach response attorney, Jena Valdetero, a partner with Bryan Cave LLP, on the topic of Data Breach Preparedness.  Valdetero provides further details on what organizations should do in order to be prepared for the eventual future data breach of their organization.

About Jena Valdetero


Jena Valdetero
Privacy & data breach response partner with law firm Bryan Cave LLP

Jena Valdetero is a partner at Bryan Cave LLP, where she serves as the head of Bryan Cave LLP’s data breach response team. She has provided counseling to dozens of clients in connection with data privacy and security issues. She is a Certified Information Privacy Professional/United States (CIPP/US) by leading privacy trade organization the International Association of Privacy Professionals. She has written and presented extensively on the topic of data breach response and breach preparedness and most recently co-authored the handbook Data Security Breaches: Incident Response and Preparedness, which will be published shortly by the Washington Legal Foundation. In addition to her privacy practice, Valdetero handles litigation matters on behalf of a variety of clients, including class action litigation, in both state and federal courts.

Ms. Valdetero’s full bio is available here.

Interview Transcript

Jena, tell us what some of the things you recommend your clients to do before a data breach happens so that they’re ready?

Valdetero: We actually worked on a data breach preparedness checklist and what we often find in a data breach situation, it’s a crisis. People are upset, they are scrambling, and they often don’t have a solid plan in place.

And one of the most basic things that you can do is quickly identify various documents that you’re going to need to rely on, that will help guide you through the process.  And by that I mean;

  • Does your company have a cyber liability insurance policy?
  • Do you have an incident response plan and people who are identified to be a part of an incident response team?
  • Do you have contracts in place with a forensic company who can come on the ground very quickly and help go through your computer systems and try to figure out the source of the breach and also as important what was actually accessed or acquired?

Those types of things, there are a variety of other documents including business partner contracts that we tell people that they should have in their possession and their ability to access, pretty quickly. Because, you’ll want to consult all those documents in order to make sure that you’re complying with your obligations under all of those documents and also to make sure that you’re aware of all the moving parts that are occurring. 

Forensicon: You raised a good point about having a relationship with a computer forensics firm.  If you are a firm that has been exposed to a breach or you are preparing for one, having a meeting and doing a limited amount of consulting with a firm long before anything goes wrong can really help.  If the firm understands your systems, they already know the IT department, they have a network map of what the systems do and what not, that goes a long way to help in a time of crisis.

Tags: , , , , , , , ,

    Related Posts

  • Staff Recognized for Departing Employee Investigations - The first issue of Corporate Counsel Business Journal, CCBJ,  includes an interview with our Director of Digital Forensics, Yaniv Schiff, and Solutions Architect, Curtis Collette, on the evolution of departing employee investigations. Departing Employee: When Do Investigations Become Necessary? appeared in the print publication, online edition, and on CCBJ’s In-House Tech website. For Increasing Numbers of Employers, Departing Employee Investigations[...Read More]
  • Chicago Office Food Drive – The Results Are In - QDiscovery’s Chicago Office collected nearly 1,000 containers of food for the local food bank this Holiday Season!  Our office competed with sister offices in Indiana and Connecticut.  Alas, we came in third.  Our sister offices each collected nearly 2,000 containers for their local food banks.  Relatively new to the company-wide food drive, the Forensics Division[...Read More]
  • QDiscovery QMobile App Wins Innovation Award - QDiscovery’s QMobile is winner of a 2017 Relativity Innovation Award.  Presented at Relativity Fest, the Innovation Award celebrates organizations that create apps or integrations that extend the functionality of Relativity’s eDiscovery software.   Our development team created an application that makes the analysis of mobile collections much more manageable.  Relativity users can now produce and review mobile[...Read More]
  • Moving and Changing - Acquired by Connecticut-based QDiscovery in 2016, Forensicon’s capabilities multiplied overnight, both in forensics brain power and eDiscovery expertise.  As part of a leading provider of end to end litigation support, moving to larger offices that are more central to the Chicago legal community was inevitable.
  • QDiscovery Named One of the Top 20 Providers of Legal Services! - Leading industry publication, CIO Magazine, has named Forensicon’s parent company, QDiscovery, to it’s  Top 20 Providers of Legal Services.  The annual listing includes 20 companies that are at the forefront of providing legal solutions and impacting the marketplace.  Read the whole article here.  Featured in the publication alongside QDiscovery President, Dave Barrett, is Director of Digital Forensics, Yaniv[...Read More]
No comments yet.

Leave a Reply