Scott Aurnou is a cyber security consultant, attorney and vice president at Soho Solutions, an IT consulting and managed services company based in New York. He helps organizations identify and address the kind of critical technology-related risk and market exposure that keep executives, management committees and corporate boards awake at night. His recipe for success is to utilize his legal, cyber security and business background to build internal consensus among diverse business stakeholders who often understand either the law or technology, but not both.
Scott effectively serves as a translator in a world where technological advances continually exacerbate potential cyber security and data privacy exposure. To that end, he tries to help clients better understand the threats they face so they can sleep better at night.
He maintains a computer security website for non-technical business and professional audience at www.thesecurityadvocate.com. Specialties are: computer security, presentations, public speaking, computer forensics, digital forensics, technical translation, litigation and information security consulting.
He is admitted to practice law in: New York; Colorado; the U.S. District Courts for the Eastern and Southern Districts of New York; and the U.S. Court of Appeals for the Second Circuit.
He has been a vice president at Quest IT Outsourcing, an attorney at Berstein, Litowitz, Berger & Grossmann and a senior attorney at Barnes, Iaccarino, Virginia, Ambinder & Shepherd. Aurnou earned his bachelor’s degree at State University of New York at Albany and his law degree at Albany Law School of Union University.
Data Confidentiality, Security & Recent Changes to the ABA Model Rules
Continuing legal education (CLE) presentation regarding data confidentiality, information security, computer forensics and legal ethics in light of technology-related changes made to the American Bar Association’s Model Rules of Professional Conduct.
Digital Security for Lawyers: First Steps to Safeguarding Yourself Now
Presentation regarding confidentiality, information and network security risks (and potential solutions) for attorneys and law firms.
Computer Security for Accountants
Continuing professional education (CPE) presentation regarding confidentiality, information and network security risks (and potential solutions) for accountants and accounting firms.
Mishandling Electronic Evidence & Client Data: An Emerging Legal Malpractice Danger
Continuing legal education (CLE) presentation regarding potential risks to attorneys and law firms from mishandling client data and electronic evidence. Covers data confidentiality, information security, computer forensics and legal ethics.
Computer Forensics: Deleting Does Not Mean What You Think
Continuing legal education (CLE) presentation explaining computer forensics, what it is, how it works, how lawyers properly interact with computer forensics professionals and what really happens when you press “delete.”
How Much Damage Can an Outdated Computer Do to Your Practice?
The New York Law Journal
February 5, 2014
Microsoft’s popular Windows XP operating system and the MS Office 2003 software suite will go ‘out of support’ on April 8, 2014. What are the ethical concerns and security risks to law firms (and others) still using them?
After Data Breach, the Best First Responder Is a Law Firm
March 13, 2014
Upon discovery of a data breach, it may seem natural for an organization to contact forensics and security experts immediately. But that’s actually a mistake. A breached organization’s first call should be to an outside law firm with cybersecurity expertise for two critical and frequently overlooked reasons — attorney-client privilege and work-product protection.