Litigation Support

HALOCK supports counsel to demonstrate whether reasonable controls were in place at the time of a breach.

Example Engagement Litigation for a Class Action Plaintiff

A complex, multi-party lawsuit required security expertise to determine whether a defendant had taken affirmative actions that caused harm to a third party. Using DoCRA to bridge the security community’s expectations for risk analysis with judicial definitions for “reasonable” controls and negligence, HALOCK helped plaintiffs successfully argue that the defendant owed a duty to the plaintiff, and that the defendant had been negligent in that duty. HALOCK Security Labs is headquartered in the Chicago area. We partner with lawyers and attorneys to advise and support their clients on reasonable information security strategies and cyber due diligence.

Download the DoCRA Checklist

Blue DoCRA Reasonable Security Checklist

Partner with HALOCK for reasonable safeguards.

Reasonable Security is Now Defined

The Sedona Conference – an influential think tank that advises attorneys, regulators, and judges on challenging technical matters – just released its Commentary on a Reasonable Security Test. The Commentary is the first document of its kind that provides the legal community with a clear definition of a “reasonable” security control.

HALOCK’s Chris Cronin was a co-author of Commentary on a Reasonable Security Test. To learn how to apply the test, contact us.

 

Contact Us

 

Reasonable Security Resources

In Archive360’s Podcast Episode 29: What is “Reasonable Data Security”?, Bill Tolson and Chris Cronin, Partner, Governance and Engineering Practice at HALOCK Security Labs try and define “reasonable data security” – a term that continually appears in every states’ privacy law or proposed legislation. 

PODCAST: Cybersecurity Where You Are, co-hosts Tony Sager and Sean Atkinson are joined by Chris Cronin, ISO 27001 Auditor and Partner at HALOCK, a leading information security consultancy. Their discussion focuses on “reasonableness” as it relates to cybersecurity risk management.

RIMS: RiskWorld Recording: Reasonable Security & The Questions a Judge Will Ask You After a Data Breach In post-data breach litigation, you must demonstrate due care and reasonable control. Learn what basic questions the court will ask and how the duty of care risk assessment (DoCRA)—based on judicial balancing tests and regulatory definitions of reasonable risk—helps you answer them. 

RSA CONFERENCE 2022: A Proven Methodology to Secure the Budget You Need in a Transforming World  |  Recording of Presentation