A GC's Guide To Cyber Risk: Understanding The Questions To Ask And How To Evaluate The Answers

Jonathan Fairtlough is a managing director with Kroll's Cyber Risk practice, based in the Los Angeles office, from where he also leads client cyber engagements in Canada and throughout the Asia Pacific region. Jonathan joined Kroll after a distinguished career with the Los Angeles County District Attorney’s Office, where he served as both a prosecutor and Co-Founder of the Office’s High Technology Division. At Kroll, Jonathan leads teams that provide comprehensive investigative services for digital forensics, data breach response, and complex cyber-crimes.

Prior to joining Kroll, Jonathan was the Deputy in Charge of the Eastlake (Central) Juvenile Office. Earlier, he served as the Assistant Head Deputy and Co-Founder of the High Technology Division of the Los Angeles County District Attorney’s Office. During his career, Jonathan held a number of positions within the District Attorney’s Office and was involved in many high-profile cases, including the first major data breach filed in Los Angeles County for which he received the International Association of Financial Crimes Investigators (Southern California Chapter) award for Prosecutor of the Year in 2006.

Jonathan is an instructor for the National Computer Forensic Institute on the subject of cyber investigations, advanced digital evidence and computer forensics.

Terry Willis is an associate managing director in the Cyber Risk practice of Kroll, based in the Los Angeles office. He leverages over 24 years of experience as an expert incident handler, computer forensics practitioner, investigator, expert witness, author, instructor and speaker. In his current role, Terry helps clients resolve myriad computer-related concerns—from malicious intrusions to theft of intellectual property—through a wide range of complex technical and investigative activities.

Prior to Kroll, Terry worked with the Los Angeles Police Department (LAPD) for 21 years, serving most of his career as a detective investigating white-collar crimes. For five years, his investigations focused on corporate and financial fraud, including internal thefts, embezzlements, bank fraud and identity theft. In 1996, he was promoted to Detective III - Officer-in-Charge Computer Crimes Unit, where he established and designed the LAPD’s computer forensic function to address the full lifecycle of digital evidence for all criminal, administrative and internal investigations. He also managed LAPD’s resources and investigations as a supervisor in the U.S. Secret Service Electronic Crimes Task Force and the Southern California High Technology Crime Task Force.

In his court experience, Terry has been associated with the following cases: Robert Blake Civil Trial, Burbank Superior Court; People v. Robert Blake and Earle Caldwell, Los Angeles Superior Court; People v. Henry Hayes, Los Angeles Superior Court; and People v. Chance Webberman, Los Angeles Superiors Court.

He has been involved in teaching and giving presentations on various topics, which include “Computer Forensics and Digital Evidence in the Courtroom” at the Los Angeles County District Attorneys Training Day; “Computer Forensics and Digital Evidence” at the California Department of Justice; “Managing an Intrusion Investigation” at the U.S. Secret Service, Los Angeles Electronic Crimes Task Force; “Computer Forensics and Digital Evidence” at the Southwest Law College, Los Angeles; “Cybercrime Investigations” at the Southern California Regional High Technology Crimes Task Force; and “Unix as a Forensic Platform” at the Internet Crimes Against Children Task Force Training Seminar.

Terry’s article titled, “Criminal Liability in Cyberspace” has been published in GPSolo Magazine (a publication of the American Bar Association), and his article titled, “Starting a Computer Crime Unit” has appeared in The Informant (a publication of the National White Collar Crime Center).

Terry is a PCI Forensic Investigator (PFI) and an EnCase Certified Examiner (EnCE). Additionally, he holds the following certifications: SANS Global Information Assurance Certification – GIAC Certified Incident Handler (GCIH) Incident Handling; UNIX Systems Certification; and Computer Crime Certification, California Peace Officer Standards of Training (POST). Recently, he also completed training in SANS Advanced Incident Response, Threat Hunting and Digital Forensics.

Christopher Ballod is an associate managing director in the Cyber Risk practice of Kroll, based in Philadelphia. He leverages over 15 years of experience in data privacy and cyber security, counseling clients in the preparation for a cyber incident, and during the response and notification process after an incident occurs. Chris’ expertise negotiating and drafting agreements, counseling clients during the assessment of risk and placement of cyber liability coverage, coordinating breach response services and supporting clients in litigation can greatly reduce legal, financial, and reputational risks in the event of a cyber incident.

At Kroll, Chris leverages his expertise to provide clients appropriate response protection in the event of a data breach incident, and he will also assist clients preparing for, or going through, CFIUS audits. He brings years of experience in digital forensics and incident response, particularly as it relates to PII/PHI exposure. He also helps clients identify trends and actors that may impact their systems and assess potential exposure post-incident to avoid data leaking via dark web forums.

Having guided hundreds of clients through complex cyber security incidents, Chris brings extensive experience in conducting tabletop exercises practicing breach response procedures, and multi-day stakeholder "boot camps" training key personnel in all aspects of risk management and response.

Before joining Kroll, Chris was a partner and vice chair of the Data Privacy & Cybersecurity practice at Lewis Brisbois Bisgaard & Smith LLP, which received the Advisen Cyber Risk Award for Best Legal Practice in 2019 and 2020. He also served as a member of the firm’s Corporate and Complex Business and Commercial Litigation practices. His experience included leading the coordination of over 500 breach responses for clients across multiple sectors, including defense, construction, energy generation, financial services, healthcare, hospitality, school districts, universities and retail.

He has spearheaded compliance and security programs for publicly traded traditional market companies and cutting-edge companies, including cryptocurrency exchanges and machine-learning data analytics firms. He has conducted a risk assessment analysis for a nuclear and traditional fuel energy generation company in the acquisition of new generation assets. Christopher has also coordinated breach response services for clients of all sizes and across varied sectors including construction, energy generation, ?nancial services, healthcare, hospitality, municipal government, and retail.

Christopher’s regulatory compliance counseling experience includes compliance with CCPA, HIPAA, payment card industry standards (PCI-DSS), NYS Department of Financial Services compliance and GDPR. In addition to litigating the first "virtual property" case in the U.S., Bragg vs. Linden Labs, he counseled multi-national vendors of goods and services in a virtual world game about their participation in virtual currency exchange, and the legality of their gaming businesses under state and federal gambling laws.

He is frequently invited to speak on data privacy and cyber security, and he has been featured in various publications. During his previous legal practice, he won the Pennsylvania Super Lawyers Rising Star awards in 2016 and 2008.

Christopher holds a Juris Doctor from the Delaware Law School. Additionally, he is a Certified Information Privacy Professional/U.S. (CIPP/U.S.) and Certified Information Privacy Professional/Europe (CIPP/E).

Justine Phillips is a partner in both Data Privacy & Security and Labor and Employment Practice Groups in the firm's San Diego office.

Justine focuses her practice on cybersecurity, data privacy, employment litigation and counseling, and commercial litigation. Her representations involve every aspect of cybersecurity from information governance, diligence in acquisitions/investments, incident preparedness and response, drafting incident response plans and conducting breach simulations, to advising on California Consumer Privacy Act, responding to regulators, and defending companies in litigation relating to cyber events. Justine takes a practical and thoughtful approach to assist multi-national and emerging companies on everyday issues related to electronically stored information including: privacy/security by design, cyber risk management and mitigation; eWorkforce policies; compliance with data regulations; retention/destruction policies and protocols; information-security and data privacy; crisis management and forensic investigations for data breaches; business email compromises; developing policies/protocols/trainings within an organization to create a culture of cyber-awareness; electronic discovery; and social-media issues. Justine also founded Women in eDiscovery-San Diego, Mother Attorney Mentoring Association-San Diego, and frequently publishes and speaks on cyber-related issues.

As an employment attorney, Justine handles commercial litigation for clients in the following public and private industries: cybersecurity and technology, healthcare, tribal, sporting enterprise, insurance, medical device, education, defense, cybersecurity, manufacturing, retail, non-profit and for-profit industries. Justine also regularly advises clients on issues relating to: classification; leave policies; defense of ADA and FEHA disability discrimination claims; interactive process and reasonable accommodation; wage and hour matters; information management; social media; employment agreements; and employee handbooks. Justine has defended companies in both state and federal court against claims of discrimination, harassment, retaliation, and wrongful dismissals.