Analytics
10/19/2012
03:10 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Law Firm Bernstein Shur Launches Data Security Team

Attorneys to provide clients with legal and technical support before and after a data security breach

PORTLAND, Maine, AUGUSTA, Maine and MANCHESTER, N.H., Oct. 19, 2012 /PRNewswire/

-- Bernstein Shur, one of northern New England's largest law firms, announced the launch of its Data Security Team, a team of attorneys who provide clients with legal and technical support before and after a data security breach.

Despite enormous and increasing resources devoted to combating data breaches and other cybercrimes, incidents continue to grow. In 2011, it cost corporations an average of $417,748 and 18 business days to "clean up" after a data security breach (Ponemon Institute).

Attorney Tony Perkins, a Bernstein Shur shareholder (partner) and chair of the firm's Business Law Practice Group, is part of the six-person team of attorneys.

"Data breaches occur at any time, day or night," said Perkins. "Our goal is to find out what keeps our clients awake at night and address risks early on."

A prompt legal and technical response is essential to properly assess a data breach and mitigate loss. The Bernstein Shur Data Security Team, working closely with a network of advisors, offers an initial audit to discuss potential risks and implement appropriate action plans. Before an attack, the Data Security Team creates preventative action plans, assesses internal procedures and assists clients in securing insurance to cover any losses. "The insurance issues are complex and need to be carefully addressed before the loss occurs," said Jack Montgomery, a shareholder (partner), member of the Data Security Team and former head of the Insurance Section of the Maine Bar Association.

Should a data security breach occur, the team coordinates with technical experts to assess the cause and scope, drafts required notices, assists in the resolution of adverse civil claims and enforces insurance, indemnity and contractual rights when necessary.

Data Security Team Members:

Mike Bosse, chair of the Construction Law Practice Group and member of the Litigation Group.

Dan Mitchell, member of the Business Law Practice Group and Litigation Group.

Jack Montgomery, chair of the Energy Law Practice Group and member of the Litigation Group.

Tony Perkins, chair of the Intellectual Property and Technology Practice Group and co-chair of Business Law Practice Group.

Asha Echeverria, member of the Energy Law Practice Group, Environmental and Natural Resources Practice Group, Construction Law Practice Group and Litigation Group.

Josh Silver, member of the Business Law Practice Group and Intellectual Property and Technology Practice Group.

About Bernstein Shur

Widely regarded as one of New England's most entrepreneurial law firms, Bernstein Shur is a multi-service firm with more than 100 attorneys in offices in Maine and New Hampshire. Founded in 1915, the firm provides practical and innovative counsel in the areas of business law, litigation, and municipal law to clients throughout the region and around the world. Bernstein Shur is Maine's exclusive member of Lex Mundi, the world's leading association of independent law firms. More information is available at www.bernsteinshur.com/practices/data-security/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.