Scott Aurnou, Author at Insurance Thought Leadership



Scott Aurnou

Scott Aurnou

Scott Aurnou is a cyber security consultant, attorney and vice president at Soho Solutions, an IT consulting and managed services company based in New York. He helps organizations identify and address the kind of critical technology-related risk and market exposure that keep executives, management committees and corporate boards awake at night. His recipe for success is to utilize his legal, cyber security and business background to build internal consensus among diverse business stakeholders who often understand either the law or technology, but not both.

Scott effectively serves as a translator in a world where technological advances continually exacerbate potential cyber security and data privacy exposure. To that end, he tries to help clients better understand the threats they face so they can sleep better at night.

He maintains a computer security website for non-technical business and professional audience at Specialties are: computer security, presentations, public speaking, computer forensics, digital forensics, technical translation, litigation and information security consulting.

He is admitted to practice law in: New York; Colorado; the U.S. District Courts for the Eastern and Southern Districts of New York; and the U.S. Court of Appeals for the Second Circuit.

He has been a vice president at Quest IT Outsourcing, an attorney at Berstein, Litowitz, Berger & Grossmann and a senior attorney at Barnes, Iaccarino, Virginia, Ambinder & Shepherd. Aurnou earned his bachelor’s degree at State University of New York at Albany and his law degree at Albany Law School of Union University.


Data Confidentiality, Security & Recent Changes to the ABA Model Rules

Continuing legal education (CLE) presentation regarding data confidentiality, information security, computer forensics and legal ethics in light of technology-related changes made to the American Bar Association’s Model Rules of Professional Conduct.

Digital Security for Lawyers: First Steps to Safeguarding Yourself Now

Presentation regarding confidentiality, information and network security risks (and potential solutions) for attorneys and law firms.

Computer Security for Accountants

Continuing professional education (CPE) presentation regarding confidentiality, information and network security risks (and potential solutions) for accountants and accounting firms.

Mishandling Electronic Evidence & Client Data: An Emerging Legal Malpractice Danger

Continuing legal education (CLE) presentation regarding potential risks to attorneys and law firms from mishandling client data and electronic evidence. Covers data confidentiality, information security, computer forensics and legal ethics.

Computer Forensics: Deleting Does Not Mean What You Think

Continuing legal education (CLE) presentation explaining computer forensics, what it is, how it works, how lawyers properly interact with computer forensics professionals and what really happens when you press “delete.”



How Much Damage Can an Outdated Computer Do to Your Practice?
The New York Law Journal
February 5, 2014

Microsoft’s popular Windows XP operating system and the MS Office 2003 software suite will go ‘out of support’ on April 8, 2014. What are the ethical concerns and security risks to law firms (and others) still using them?

After Data Breach, the Best First Responder Is a Law Firm

March 13, 2014

Upon discovery of a data breach, it may seem natural for an organization to contact forensics and security experts immediately. But that’s actually a mistake. A breached organization’s first call should be to an outside law firm with cybersecurity expertise for two critical and frequently overlooked reasons — attorney-client privilege and work-product protection.

Recent Articles by Scott Aurnou

‘Phone Spoofing’ – Yes, It Can Happen to You

Not so long ago, a senior executive at Insurance Thought Leadership received a phone call on his smartphone in which the caller claimed to be returning a call.  The ITL executive politely let the caller know that he hadn’t called. Then came another “returned” call… and another. Each caller said he had received a call […]

How Stolen Credit-Card Data Is Used

Reports of high-profile data breaches have been hard to miss over the past year. Most recently, it was a breach involving 56 million customers’ personal and credit card information at Home Depot. This is just the latest volley in a wave of sophisticated electronic thefts including Target, Neiman Marcus, Michael’s, P.F. Chang’s and Supervalu. Much […]

Cyber Risk: Are You the Weak Link?

In 2012, a young scam artist based in Asia posing as a private investigator simply purchased the personal information for more than 200 million users directly from credit reporting giant Experian and then posted it for sale online. The only reason we know about the incident is that the U.S. Secret Service caught it.  Experian […]

3 Ways to Protect Sensitive Messages

“Delete this email if you are not the intended recipient.” That and similar language theoretically sounds imposing but essentially does nothing to protect sensitive data from any nefarious actors who view it (though they may get a good chuckle before reading the email). Yet almost 90% of attorneys surveyed by LexisNexis for a study it published […]

The 7 Keys to Strong Passwords

Creating a strong password may seem like a chore, but sometimes it can literally be the only thing standing between a cybercriminal and your personal and financial information or access to your company’s network and intellectual property. Here are some tips for creating a strong password (that you can actually remember): 1) The most important […]

Connect With Scott Aurnou

Connect with Dave Walker on Twitter

  • Cyber
  • Innovation & Technology
  • Personal Risk Management
Do NOT follow this link or you will be banned from the site!