Your single source for new lessons on legal technology, e-discovery, and the people innovating behind the scenes.

6 Crucial Tips from the Field to Help You Build Your Cybersecurity Strategy

Matthew Vargo

Early research from Check Point Solutions indicates cyber attacks increased 38 percent in 2022. Software vulnerabilities, remote work, hacker sophistication, and increased business applications and attack surfaces all contributed to the rise.

Relativity’s network of certified partners work daily in the fields of breach and cyber attack response. They help their clients identify breaches, pinpoint affected data, and establish an appropriate and compliant response—as well as prevent future breaches.

As your organization arms itself against—or, in a worst case scenario, falls victim to—an attack, that sort of expertise is just the thing you’ll need to gather. So we’ve done a bit of the footwork for you by gathering advice from our partners.

Here’s what we learned.

#1: Keep in mind that attack vectors are always evolving.

Cyber threats continue to evolve with threat actors' changing business models to take advantage of emerging technologies like artificial intelligence, natural language processing, and low code/no code automation. Factor in the change in ransomware operating models, more frequent use of double-ransom tactics, and exfiltration of databases—in addition to personal data and the growing bevy of data privacy laws and regulations in the US and globally—and you get a significant amount of organizational risk that needs to be mitigated.

– Brian Wilson, Managing Director, BDO USA, LLP

#2: Be prepared for regulatory bodies to expect more both pre- and post-incident.

Data regulators are taking a more active interest in how the challenge of breach notification is managed from a technical and legal perspective, to ensure that organisations are efficient in their response to affected companies or individuals and the assessment of risk is balanced. It is likely that the use of technology (such as Relativity) will be embraced as an essential component in how organisations meet their regulatory requirements for breach notification. As external economic factors put businesses under pressure and cyber attacks and data breaches continue their momentum, we may see regulators becoming frustrated by those who don’t prepare adequately and respond in a timely manner. They could turn their focus to assessing the preparedness of an organisation and be less forgiving of those who are not organised in their incident response.

– Martin Nikel, Associate Managing Director in the Cyber Risk Practice, Kroll

If (read: when) a cyber attack occurs, expect people to scrutinize your preparations. Woe to anyone who hasn’t implemented processes minimizing your unused or old data, and confirmed with the forensic and data mining vendors covered by your cyber insurance that you are doing all you can to prevent an attack, limit exposure if one occurs, and prepare for a fast and appropriate post-attack response. A cyber attack is bad enough, but errors caused by inadequate preparation will make an unfortunate event excruciating.

– Bhanu Relhan, Managing Director, e-Discovery and Document Review, Elevate

#3: Educating people—and embracing collaboration—are key.

Cybersecurity is not simply an IT issue. It poses a considerable business risk with far-reaching financial, legal and reputational consequences. Consequently, all organisations must allocate adequate resources and implement a comprehensive cybersecurity strategy that includes regularly updating systems and software, training employees, and conducting risk assessments.

– Murali Baddula, Chief Digital Officer, Law In Order

Don’t fall victim to a false sense of security. At every level of technical competency, we must know our limitations and understand that while the tools we use might make us feel safe, there are often workarounds or bugs that present opportunities for threat actors to exploit. It is not sufficient to implement security tools and call it a day. Educating those using the tools about what they are specifically offering and how to remain cognizant to their deficiencies helps maximize the benefits of the tool and moves organizations beyond a false sense of security.

– Jordan Rae Kelly, Head of Cybersecurity, Americas, FTI Consulting

Cybersecurity is not just the responsibility of a single individual or department. It’s a team effort involving the entire organisation.

– Murali Baddula, Chief Digital Officer, Law In Order

#4: Enlist experts to augment your strategy.

Outsourcing certain aspects of cybersecurity, such as managed security services, can ensure access to specialized expertise and the latest technologies.

– Richard Peters, Managing Director, Berkeley Research Group

Page One routinely helps on breach matters. We have a workflow for quickly ingesting all potentially affected data and searching for breached materials. The materials can also be reviewed to compile a listing used for notification.

– Andrew Milauskas, Vice President of eDiscovery, Page One Legal

We are all on the frontier of security risk and take responsibility to coach our clients on best-practice behaviors to minimize the ever-growing spectrum of digital threats.

– Rebecca Grant, Executive Director, icourts

#5: Taking proactive measures pays off.


Transferring some of the risk to third parties such as Insurance carriers can help, and strategically deploying technology tailored to meet specific risks can provide the best overall solution.

– Brian Wilson, Managing Director, BDO USA, LLP

Disaster Recovery Plan

Don't underestimate the importance of having a disaster recovery plan—it can mean the difference between quickly bouncing back from a cyber attack or facing long-term consequences.

– Richard Peters, Managing Director, Berkeley Research Group

Data Mapping & Access

Leading practice is to leverage technology to inventory and manage access to confidential information and personal data within the corporate estate, but that can be a heavy cost for some organizations and financially devastating for others.

– Brian Wilson, Managing Director, BDO USA, LLP

Penetration Testing

Proactive measures, such as regular vulnerability assessments and penetration testing, can identify and remediate potential threats before they can be exploited.

– Richard Peters, Managing Director, Berkeley Research Group

#6: Research your vendors.

At Law In Order, choosing the right e-discovery software and services is critical for us and for our clients. Our dedicated cybersecurity team evaluate the security measures and practices of our e-discovery software partners, along with their cloud-based e-discovery services. This includes vendors security and privacy impact assessments.

– Murali Baddula, Chief Digital Officer at Law In Order.

At Relativity, keeping our users’ data safe is a top priority—and we’re humbled by how our partners entrust their work to RelativityOne.

One specifically spoke on this thread:

“From the ability to use multiple identity providers, being able to provide our clients with the policies to meet their compliance needs, or the ability to have the Security Center tell us about persistent threats, we believe RelativityOne has the most comprehensive security stack in the industry.”

– Stephen Ehrlich, CIO at The MCS Group

To learn more about how seriously Relativity takes security, visit this page.


Cyber attacks will not be defeated overnight. In fact, the forecast looks downright awful. And as cyber incidents continue to evolve, regulatory bodies will continue to expect mature preparations and responses.

Educating workforces and consulting experts are key actions organizations must use to mitigate the impact and fallout of a potential attack. From there, discrete activities like purchasing insurance, mapping data, and performing regular penetration only improve your organizations security posture.

Graphics for this article were created by Natalie Andrews.

3 Steps toward Building a Future-facing Security Awareness Program

Matthew Vargo is a proud member of the partner marketing team at Relativity, where he tries his damndest to tell the Partner + RelativityOne story. Occasionally, he writes blogs.

The latest insights, trends, and spotlights — directly to your inbox.

The Relativity Blog covers the latest in legal tech and compliance, professional development topics, and spotlights on the many bright minds in our space. Subscribe today to learn something new, stay ahead of emerging tech, and up-level your career.

Interested in being one of our authors? Learn more about how to contribute to The Relativity Blog.