Cyber Security Expert Witness
Cybercrime is on the rise, and the cost and number of successful breaches continue to increase. In many cybercrime cases, the ruling comes down to how technical evidence is explained to attorneys, judges and juries. Dr. Cole is a professional, experienced and knowledgeable cyber security expert witness who can effectively explain complex terms in a way that people can understand and relate to.
Dr. Cole is experienced in expert reports, deposition, testifying, technical advising, and witness preparation. His expertise has been pivotal in a diverse set of cases, including patent infringement, invalidity and damages, security due diligence, and false claims and filings, many of which cases involved large monetary damages or potential damages. His security expert witness services are available to both plaintiff and defense attorneys.
The Dr. Cole Difference
In contrast with many other cyber security expert witnesses, Dr. Cole is not just a teacher, but he has actually worked with hundreds of companies on security issues, which can be critical in cases regarding due care and effective security. With almost 30 years of experience as a computer security analyst, he is sought after by governments and businesses worldwide for his expertise, guidance and solutions.
Patent Infringement, Invalidity, and Damages
With his broad background and extensive computer security specialist experience, Dr. Cole can provide value to your team from the get‐go. Oftentimes, expert witnesses have to be brought up to speed and explained the process and patents. This is not the case with Dr. Cole. He is a security expert witness who understands the process and has obtained several patents of his own as an inventor.
Topics of intellectual property cases include security technology patent infringement, invalidity, and damages, as well as apportionment.
Publicly traded companies have to file quarterly and yearly statements with the SEC. In those filings are specific requirements regarding security, e.g., whether the company has had a security breach.
Another example is the filing by a security product vendor regarding the performance of their security product. (In addition, the vendor might be making public claims of the excellence of their product.)
This information is used by investors to determine not only whether to buy or sell but also whether to make recommendations to their customers.
If the information in their filings is false or inaccurate, and especially if the information in the filings has been of factual statements, and this becomes public knowledge, stock prices drop, the company crashes and investors can (and often do) lose millions. For instance, retirement investment companies in this country have experienced major losses in this area.
A cyber security expert witness can determine whether a breach of security has occurred, so, in the case of an SEC filing, a false claim has been made.
Cyber Security Due Care
Today, if a company has customer information or sensitive data, the concept of due care comes into play in civil law — did the company do what a reasonable person would do to protect that information?
Scenario: The company tells its customers it has top notch security; it puts the statement on its website that it protects all client information.
Is that true? If the information is compromised, the company could be sued. Alternatively, the company could potentially sue a third party if they had access to that information and did not properly protect or secure it.
A cyber security expert witness evaluates whether the security measures were effective and appropriate, i.e., makes a security validation report. The expert could determine that the company had the customary measures of security or, alternatively, that the company did not have the technology in place to have detected the breach.
Cyber Security Issues
Dr. Cole addresses the effectiveness/appropriateness of security measures, sometimes referred to as security validation, i.e., have false claims of security been made?
Has due care been exercised, or is there evidence of negligence?
How was identity theft and/or fraud perpetrated?
Contact Security Haven