and holistic lawyersâskills that I keep in my toolbox today to help clients deal with intricate problems.â
action,â he says. âAnd theyâre setting up analytics and information âfusion centersâ that find and combine all of the information sources available to the enterprise to create a threat picture that enables the institution to better understand its risk profile and more efficiently respond to incidents.â
JOSEPH V. MORENO â99L, â00MBA agrees that itâs very gratifying to be a trusted cybersecurity advisor. He handles a range of matters related to data protection and incidents as a partner in the white collar defense and investigations group at Cadwalader, Wickersham & Taft LLP.
Like Ferrillo, LEO TADDEO â94 believes that his St. Johnâs legal education prepared him well for a career in cybersecurity that began during his 20-year tenure with the FBI. âSt. Johnâs âHaving worked for years with corporate sharpened my ability to analyze and solve While innovation is key to preventing, clients across industries in developing and complex problems,â he says. âWhile I always combatting, and recovering from cyberattacks, implementing anti-bribery and anti-money knew the value of personal ethics, fairness, laundering programs, cybersecurity was the JUDITH H. GERMANO â96 recognizes that many and justice, I learned how to advocate for cybercrimes are still relatively unsophisticated. next logical space to develop as a practice those principles as a law student. These skills âMalware attacks launched through phishing area,â he says. Morenoâs practice in this niche have been critically important to me in my emails and similar low-tech schemes remain is also informed by his earlier career in the professional and personal life.â prevalentâ she explains. âAnd they can be U.S. military, as a national security prosecutor prevented by low-cost measures, such as with the U.S. Department of Justice, and Taddeo, a U.S. military veteran, began his using two-factor authentication, limiting as a consultant to the FBIâs 9/11 Review legal career as a criminal investigator with data access, keeping software updated, and Commission. âIn these diverse roles, I gained the FBI in New York, and then assumed requiring complex, unique passwords or other subject matter expertise in dealing with a succession of senior roles with greater access credentials.â cyberterrorism conducted by hostile foreign responsibility for FBI operations around the actors,â he shares. world. âLike just about every other FBI agent, Cybersecurity is a focus of Germanoâs work I wanted to work the biggest, hardest, and as principal of Germano Law LLC. âI was a His broad base of experience affords most impactful investigations,â he says. âFor federal prosecutor for 11 years before starting Moreno a clear view of the current threat the majority of my years as an agent, that my own boutique firm,â she shares. âAs chief landscape. âThe danger of being hacked was meant organized crime, white collar crime, of economic crimes at the U.S. Attorneyâs bad enough when we were dealing solely and terrorism cases. It wasnât until late in my Office for the District of New Jersey, I was with lone wolf attackers,â he says. âNow FBI career that I recognized the importance involved in, and supervised, cybercrime we have sophisticated, foreign military and of cybercrime and gravitated toward investigations and prosecutions, among other intelligence-backed hacking operations assignments in that field. Given that there responsibilities. I saw how cyberthreats were supported by the likes of China, Iran, Russia, werenât many senior executives with cyber growing, and that companies needed help and North Korea who act with impunity.â expertise in the FBI, I soon found myself in a handling them.â These ever-growing threatsâand constantly small group of experienced investigators who developing cyber regimes like the EUâs GDPR could effectively supervise cyber programs.â Germano also traces her interest in and regulations enacted by California, New cybersecurity back to her time at St. Johnâs York, and other U.S. statesâonly add to the Eventually, Taddeo left the FBI and took his Law. âI wanted to earn a law degree so I potent cybersecurity mix that, Moreno says, cybersecurity expertise to the private sector, could guide organizations and executives makes these challenging times for companies. where he now serves as chief information through crisis,â she says. As the research security officer at Cyxtera Technologies. âMy and symposium editor of the St. Johnâs Given these challenges, seasoned primary responsibility is to ensure the security Journal of Legal Commentaryânow cybersecurity lawyers have become essential of the critical information assets that Cyxtera the Journal of Civil Rights and Economic to corporate wellbeing. âWeâre there to depends on to do business,â he explains. DevelopmentâI coordinated a symposium advise clients on regulatory, litigation, and âThis includes general IT security, compliance, on Cyberspace and the Law. It was one of public relations matters, and that can go and product security. I also work with the very first conferences of its kind, and it a long way to addressing the merits of a Cyxteraâs developers to improve the features introduced me to the field of cybersecurity cybersecurity breach while also restoring and capabilities of the security products we in all its complexities.â public confidence,â Moreno says. âHow offer to our customers.â you handle yourself in the first few hours In addition to working as a cybersecurity following a breach can mean the difference Considering the state of his field today, attorney, Germano engages her expertise between a temporary dustup and a longTaddeo notes that, out of sheer necessity, as a distinguished fellow at the NYU Center term disaster.â financial services companies lead every for Cybersecurity, as a senior fellow at NYUâs other sector in developing and deploying Reiss Center on Law and Security, and as As he weighs what it takes to succeed as a cybersecurity controls. âThis lead is the an adjunct professor at NYU Law. âGood cybersecurity attorney, Moreno is clear that result of investments in staff and security cybersecurity starts with a risk assessment St. Johnâs Law graduates are up to the task. tools internally and external, cross-sector that focuses on the systems and data an âSt. Johnâs lawyers are practical and know how collaboration,â he says. âBy sharing and organization has, who has access to them, to handle themselves in the courtroom, the cooperating with each other, financial how theyâre protected, and what threats boardroom, or in front of the media,â he says. institutions make the entire sector more they face,â she shares. âI enjoy helping âWe are deliberative and thoughtful, but also secure and resilient.â executives and officials develop and test know how to make judgment calls and shift systems, plans, policies, and procedures for gears when faced with fast-changing events. Innovation, Taddeo points out, is fueling this improving cybersecurity in their organizations. Lawyers are generally well trained to handle crisis effort. âCompanies are investing heavily in Iâm dealing with critically important issues at response, but St. Johnâs lawyers are especially machine learning and artificial intelligence the intersection of security, technology, and well suited when it comes to reacting under fire that can predict malicious activity and take business. Itâs fascinating and rewarding work.â to achieve the best results for our clients.â SPRING 2019 l 17