Information Security

A Privileged Approach

Blackstone Law Group provides information security, compliance, and related investigative services in a legally privileged context. 

We work hand-in-hand with our affiliate Black Chambers Inc., and our extensive network of partners, to provide a full arsenal of information security services in response to and in compliance with constantly changing legal and regulatory requirements.  These include, among other bespoke services, the following:

  • Risk Assessments 
  • Managed Penetration Testing and Vulnerability Assessment
  • Hyper-intensive Offensive and Defensive Capability Enhancements
  • Information Security Policies and Implementation
  • Data Governance and Classification
  • Incident Response 
  • CISO and Affiliate Services to Comply with the NYS Dep't of Financial Services Cybersecurity Regulation
  • Encryption Implementation (domestically and abroad)
  • Third Party Audit Services 
  • Cybersecurity Awareness Training (updated in lockstep with emerging threats)
  • Trade Secret Protection (both legal and technical in nature)
  • Executive and Board Level Briefings on Cybersecurity Events or Trends of Concern
  • Discrete Investigation of Internal and External Events 
  • Interaction with State and Federal Regulatory Bodies 

Drawing on both technical and legal acumen, we see our role as helping clients navigate overlapping regulatory requirements and information security best practices, without running afoul of either.

Managing the Information Security Risk

Trust in the parties whom you let into your network to document your security posture is critical.  The process of securing a single network or enterprise creates risk – risk that the party assessing your network cannot be trusted with your data, and risk that the documentation or communications concerning vulnerabilities can end up in the wrong hands, whether that be a malicious actor, a competitor, parties to a lawsuit, or the government.  

We manage this risk by affording our clients the protection of attorney-client privilege.  Our analyses, and those of our agent, Black Chambers, are protected from disclosure to any third party, be that an adversary in a litigation or a governmental request.  In practical terms, this means that both the ‘input’ and ‘output’ of our engagements, i.e., your communications to us and our agents and their responses, are covered by privilege and therefore confidential.  

Structuring engagements in this manner allows our clients to be completely candid about their legal concerns and their security posture; and our risk assessments, advice, and remedial actions in kind may be similarly frank.

With the protection of attorney-client privilege surrounding our engagements, clients can rest assured that their most sensitive and business critical data belongs to them and them only, and shall not be disclosed to third parties without their consent.  

We Take Pride in the Protection of Our Data and Your Data

Blackstone Law Group takes its own security posture very seriously.  As the Panama Papers incident and the breach of Panamanian law firm Mossack Fonseca made clear, law firms are frequently in the crosshairs of criminals, and can unintentionally become the soft underbelly of their clients.  Along with our affiliate Black Chambers and our specialized partners, we continually assess and re-assess our security practices.  We understand that our clients’ sensitive data takes many forms, and we view the protection of that data as our solemn obligation.

We are Leaner, Faster, More Economical, and Have Greater Expertise

Unlike other firms that see information security simply as a growing practice area, our lawyers and our affiliates at Black Chambers have a long history in the InfoSec community that spans decades.  Our lawyers and technical personnel speak the same language, and work together day in and  day out.  There is no lag time to ‘get the lawyers up to speed’ on the technical issues surrounding an assessment or investigation.  The combination of legal acumen and information security expertise in this sense results in great efficiencies that, by design, benefit our clients’ bottom line.  

Unlike other firms, we are not beholden to third parties or security product re-sellers.  Because of our long history, we have partners and alliances that span the globe, and can be activated, on an as needed basis, for specific client needs.  

We offer our clients legal expertise, technical expertise, a trusted network, and peace of mind.  We love what we do, and because of this there is no question that we offer our clients more for less.