<b><i>e-Discovery and Security</b></i> The Inevitable Reinvention of the e-Discovery Industry

This article delves into the evolving landscape of law firms, corporations and service providers in regard to their e-discovery practices and businesses and explore what an organization needs to do to stay competitive and profitable in today's new security-centric environment.

What Are We Evolving Into?

At the 2016 ACEDS (Association of Certified eDiscovery Specialists) Conference held in New York City, an entire day of preconference education and demonstration was fully dedicated to “cybersecurity for legal professionals.” In fact, over the course of the three-day conference event, there was as much focus on topics of security, information protection and governance and privacy as there was on what the community typically considers e-discovery topics (project management, legal analytics and rule changes affecting the practice of law).

Craig Ball, a thought leader in the e-discovery space for decades, gave an incredibly vibrant presentation, “The Crystal 'Ball': A Look into the Future of e-Discovery,” in which he stated that “e-discovery will be as much about privacy, security and information governance in the future” as it will be about all the traditional aspects of EDRM that we have come to accept as standards. Our ALM sibling, Legaltech News, has published numerous surveys and reports in the last few months, stating that, among other things, “corporate cybersecurity spending will increase 38% over the next 10 years” and “80% of [law firms] consider cybersecurity and privacy one of their top 10 risks” in 2016 and beyond. The evolution is clear: With continued e-discovery price compression, commoditization and consolidation, the next frontier for all legal technology professionals is matters of cyber risk, security solutions and privacy.

Service Provider Reinvention

There is no doubt that consultancies are the front-runners, bolstering and recalibrating their talent force to compete in the cybersecurity space. More practice groups have been developed and leadership hired with a focus on legal security and privacy in the last year than in the five years prior combined. The consultancies are generally pulling their leadership-level cyber talent from two places: corporations and the federal government.

This is a huge departure from where e-discovery companies and consultancy divisions are acquiring talent, which has become almost entirely from each other, occasionally from law firms or corporate clients and almost never from government agencies. High-end hiring in e-discovery at service providers is more about drawing talent for revenue and relationships than it is subject matter expertise, since there is a far greater saturation of those skills in the legal market than ever before. However, when it comes to cyber staffing and talent augmentation, hiring motivations are entirely about expertise with the belief in the potential of those leaders to eventually drive revenue through new relationships and perhaps existing relationships they developed in their government positions.

Consider some of the recent hires by some of the largest consulting firms in the country: K2 Intelligence, “an investigative and integrity consulting firm founded in 2009 by Jeremy M. Kroll and Jules B. Kroll, the originator of the modern corporate investigations industry,” recently brought Austin Berglas over as the senior managing director and head of U.S. Cyber Investigations and Incident Response. Prior to K2, Berglas spent just under 20 years at the FBI, focusing on cybersecurity. Navigant Consulting just hired Bob Anderson in January 2016 after a 21-year run at the FBI culminating in his appointment as executive assistant director (EAD) of the Criminal, Cyber, Response and Services Branch.

The list goes on and will continue to do so as consulting firms look to the FBI, CIA and other elite government entities to transition experts out of potential retirement and into the private sector. There is simply no talent quite like the talent at such agencies when it comes to expertise in combating cyberwarfare and defending against data theft and intrusion.

This year through 2018 will mark a peak period of opportunity for federal thought leaders in cyber to matriculate into leadership roles at large global consulting firms; however, traditional e-discovery vendors who may see the cyber arena as tangential to their business as opposed to mission critical may be well-advised to consider bolstering their staff and imagining a future where these services don't just command a premium, but are a requirement to win business with larger global corporations and law firms.

Middle-market e-discovery providers can best begin to mature their staff and services with an eye toward security in their forensic collections division. Forensics is the intersection between e-discovery and cybersecurity careers and offerings. Kevin Treuberg, national director of forensic services at CDS Legal in New York, makes a key observation regarding e-discovery forensics and cybersecurity forensics: “Back when I began in the industry, computer forensics and cybersecurity were one and the same. A technician was capable of straddling both disciplines: able to investigate the most complex data breaches plus identify the actors responsible. With the advent of 'push-button computer forensics' in the early 2000s (due to the proliferation of advanced computer forensics software solutions), there was a demand for technicians [who] were strictly focused on the static environment of computer forensics without the focus on network intrusion analysis.” Treuberg goes on to profess that “in today's environment, you now need to be able to identify and react to threat vectors both on the network and static fronts to best serve your clients.”

While some midmarket e-discovery vendors may still see forensics as “collections” and a means to serve their processing and hosting businesses, consider also that for now, services focused on cybersecurity can be unique differentiators, if not requirements.

The growing dominance of master service agreements (aka, subscription-based pricing models), coupled with aggressive vendor consolidation in the e-discovery vendor market offers the opportunity to distinguish one service from newer, more complex services that span a broader range of client-vendor collaboration beyond the EDRM. Much of what happens in the CSRM (Cybersecurity Reference Model) happens before EDRM, the greatest overlap being “information governance.”

As corporations decide which providers to engage in multimillion-dollar annualized contracts, the breadth of service is slowly becoming as important as the depth of expertise in a particular service. Corporations want to engage fewer vendors to get the job done, and with so much downstream e-discovery business stemming from a client's maturity around data governance and security, middle-market e-discovery providers may need to have experts on staff who can consult on cyber and privacy-related issues to win client business much earlier in the life cycle of data creation and maintenance.

Whether you are a $30MM e-discovery vendor or a $300MM player, having a go-to industry expert on staff to drive conversations with existing clients while developing a practice in this new area is becoming essential. The opportunistic reality of this advice is demonstrated by the hiring (or lack of hiring) practices in the Am Law 200 and Fortune 1000.

Corporate and Law Firm Reinvention

Corporate cybersecurity leaders will also be ripe targets for recruitment as consulting firms develop more mature teams in the security and privacy vertical. Shahryar Shaghaghi recently joined BDO Consulting as national leader, Technology Advisory Services, and head of International BDO Cybersecurity after years at Citigroup. Corporations will in turn do one of three things in the wake of losing their core information protection talent: hire a similarly experienced replacement from another corporation, engage an outside consultant or promote from within (consider that “outside consultant” often converts into a full-time hire for the client). There will be CISO (Chief Information Security Officer) opportunities in the Fortune 500 in the next five years as a result of this matriculation.

The Am Law 200's response to security staffing has been ' and will continue to be ' very different. Law firms, notoriously slow to adapt advanced technology, are equally slow in adopting exclusively dedicated roles for cybersecurity in-house. As mentioned earlier in this article, cybersecurity law is a sector that is showing increasing demand for talent and salary potential for practicing attorneys.

Outside of the practice of law around privacy and security, law firms are not bolstering their staff with technical security experts in order to address issues around their own data, and probably their clients' data as well. According to the ABA in 2015, “58% [of law firms with 500 or more attorneys] did not have a dedicated Chief Information Security Officer (CISO) or another staff member charged with data security.” Firms are instead leaning on the “Cyber 500″ vendors and consultancies to help them or are promoting someone from within (a CIO, global network manager, IT director) to learn security disciplines and take control of the problem. This makes it a great time to be a vendor in the information security vertical, especially if you are servicing law firms. However, most of the “Cyber 500″ are focused on corporations and not law firms, though that is slowly changing. Again, with timing being everything, now could be a good window for middle-market e-discovery vendors whose relationships with law firm clients are deep and lengthy to offer security services solutions before the market becomes as saturated with players as e-discovery is.

Consolidation, Innovation, But Mostly Reinvention

The focus of this article has been on how and why an individual or a company needs to pivot thinking toward an emphasis on security. For the profit-minded, security vendors and consulting firms are charging healthy premiums for services and technology while the security market remains fractured and largely not understood. Job hopping and practice group development in the consulting world is rampant as opportunity is high and talent supply low.

Federal employees have a rare and unique window of opportunity to lead the future of the private sector's cybersecurity community. This is exactly where e-discovery was 10 years ago, and 10 years from now, security will commoditize, consolidate and price compress, forcing another revolution and reinvention of the standards for everyone making a living servicing law firms and corporations in the legal vertical. For those of you who have lived, learned, succeeded, failed, but most importantly remained loyal to the art of e-discovery, the time may finally have arrived to consider reinvention (personally and holistically) if you wish to experience profitability, complex challenge and prestige in the legal community for the next decade.

Jared Michael Coseglia is the founder and CEO of TRU Staffing Partners. A member of this newsletter's Board of Editors, he has over 12 years of experience representing talent in e-discovery, litigation support, cybersecurity, and broadly throughout legal and technology staffing. Coseglia has successfully placed over 2,000 professionals in full-time and temporary positions at the AmLaw 200, Fortune 1000, Cyber 500, Big 4, and within the e-discovery consultancy and service provider community. He can be reached at [email protected].