Card image cap

Practical eDiscovery Insights from Norton Rose Fulbright's High Impact Cyber Incident Response

Level: Advanced
Runtime: 57 minutes
Recorded Date: March 10, 2022
Click here to share this program
Download PDF
Closed Caption


  • Types of compromises and actors
  • Anatomy of an incident
  • First 72 hours after an incident
  • Regulatory interactions
  • Review workflow
  • Information governance
Runtime: 1 hour
Recorded: March 10, 2022

For NY - Difficulty Level: For experienced attorneys only (non-transitional)


Norton Rose Fulbright’s David Kessler, Anna Rudawski and Sam Sessler work together guiding clients through the investigation, containment, and remediation of some of the world’s most high-profile cybersecurity incident response matters. Join us as they discuss legal considerations and data and reporting challenges, while also sharing practical strategies, tools and workflows for practicing effectively in this complex area.

This program was recorded as part of ALM's Legalweek Conference on March 10th, 2022.

Provided By

Card image cap Legalweek
Card image cap


Card image cap

Sam Sessler

Assistant Director, Global eDiscovery Services
Norton Rose Fullbright

Sam Sessler is the Assistant Director of Global eDiscovry Services at Norton Rose Fullbright. Sam receives his BA in Computer Information Services from McMurry University.

Card image cap

Anna Rudawski

Norton Rose Fullbright

Anna advises clients in the financial services, healthcare, insurance, and technology industries on data protection, privacy, cybersecurity, and governance issues. Anna's expertise encompasses the secure handling of confidential and personally identifiable information, as well as compliance with international, federal and state privacy regulations including GDPR, CCPA, HIPAA, CAN-SPAM and TCPA. She has worked closely with companies to build and mature privacy compliance programs, audit their privacy practices, conduct privacy impact assessments and map the use and processing of personal information.

Anna routinely works with clients on issues related to protecting data during transactions or reorganizations, such as M&A deals and drafting and negotiating tailored privacy and data security contract provisions. She has also advised companies on cross border data issues and the use of data transfer mechanisms.

Anna has significant experience working with clients to identify and remediate potential data security incidents. She works with clients and third parties to contain incidents and their effects, investigate their cause and impact, and deliver public and regulatory communications on behalf of clients. Anna also assists clients with all aspects of breach preparedness, including information security governance and risk management and counseling executives on cybersecurity matters.

Anna spent a year working in the Global Privacy Office of a multinational pharmaceutical company to assist with privacy and legal matters such as developing consent documents, creating internal data handling policies and procedures, and negotiating privacy and security terms with vendors. Prior to joining Norton Rose Fulbright, Anna served as Vice President of Global Privacy at JPMorgan Chase. Anna is a Certified Information Privacy Professional (CIPP/US) and is licensed to practice in New York.

Card image cap

David Kessler

Global Head of eDiscovery & Information Governance
Norton Rose Fulbright US LLP

David Kessler is the Head of Data and Information Risk, United States and is a thought leader on issues involving discovery, data privacy, records management, and cyber security.

David counsels clients on a range of data privacy matters focusing on compliance and cross border data transfers. David has provided advice regarding the Stored Communication Act (SCA), the Health Insurance Portability and Accountability Act (HIPAA), the Children's Online Privacy Protection Act (COPPA) and Family Educational Rights and Privacy Act (FERPA). He also provides advice to multinational clients regarding compliance with EU data protection and privacy laws including the General Data Protection Regulation (GDPR), where he works closely with his colleagues in the EU.

David acts as global discovery counsel for technology, finance, pharmaceutical and manufacturing companies where he helps them address litigation readiness, cross border discovery complications and acts as special discovery counsel in complex litigations. David focuses not only on tactical e-discovery issues in particular cases, but advises clients regarding strategic e-discovery portfolio management and data governance. For example, David has helped clients with emergency ex parte preservations orders; negotiations with opposing counsel regarding disaster recovery data; establishing that opponents had fabricated e-mails; and developed litigation readiness protocols

David has a particular focus on cross-border discovery. David was recently the counsel of record for an amicus brief before the United States Supreme Court in United States v. Microsoft addressing the importance of comity in cross border discovery. David has helped clients preserve, collect, process and transfer data from countries all over the world including, by way of example, Australia, Brazil, Canada, China, Germany, India, Italy, Nigeria, Japan, South Africa, Spain, Switzerland, and the United Kingdom. David is a contributor to and has been a faculty member for the Sedona Conference's (one of the world's leading e-discovery organizations) Work Group 6 on International Electronic Information Management, Discovery and Disclosure.

David is an adjunct professor at the University of Pennsylvania Law School where he teaches an advanced seminar on "E-Discovery."

David is a Certified Information Privacy Professional (CIPP/E) through the International Association of Privacy Professionals (IAPP).

As part of his information governance practice, David has advised clients on where and how to store and manage data globally as well as how to integrate record retention, data security and e-discovery into the fabric of their IT infrastructure. Beyond helping clients stand up information governance programs with policies and record retention schedules, David counsels clients on mobile device management, ephemeral data, disaster recovery and business continuity systems and the cloud. He also has represented clients in defensible data disposition projects and examining the contours of their own dark data.

As part of the firms cybersecurity team, David has represented clients both preparing for and responding to cyber incidents. He has drafted and revised incident response plans (IRPs), run table top exercises and helped clients select and contract with forensic and public relations vendors. David has advised clients about the scope of data breaches and the company's obligations to notify the appropriate authorities and the people affected by the breach. Finally, David has represented clients in investigations by the FTC into suspected incidents and the quality of the clients' preparations and response.

He received his B.A. with honors from the University of Florida and his J.D., summa cum laude, from the American University Washington College of Law

Card image cap

George Socha

SVP, Brand Awareness

George Socha is responsible for increasing market awareness and adoption of Reveal’s platform globally. Additionally, George is tasked with guiding the product roadmap and consulting with Reveal customers on effective deployment of legal technology. In 2005, he co-founded the Electronic Discovery Reference Model (EDRM) whose frameworks and content have empowered a generation of legal professionals. He has worked for over three decades as a lawyer, advisor and court-approved expert.

George received his JD from Cornell Law School and his BA from the University of Wisconsin – Madison.

Card image cap

Similar Courses

Card image cap
64 minutes
"I Am Not a Cat" Proceedings in a Virtual World
Besides becoming a pop-culture catchphrase, how has the shift to a virtual environment impacted proceedings over the last year, and what changes do you believe are here to stay? Our panel of experts will examine some of the greatest challenges, faux pas, and successes in virtual proceedings over the course of this transformative time.

Women, Influence & Power in Law Conference


Add to Cart
Card image cap
63 minutes
2021: The Year of the ELM
Panelists will clarify what constitutes an ELM platform, examine its unique and compelling capabilities, and discuss its strategic and tactical advantages, particularly those stemming from data-driven insights and machine-driven decision making. Attendees will gain a clear understanding of the significance of the emergence of ELM solutions, what firms and law departments can achieve with ELM platform, and practical and ethical considerations related to adopting an ELM solution.



Add to Cart
Card image cap
97 minutes
26 Words that Created the Internet - Basics of the Communications Decency Act Section 230 Safe Harbor
This program will examine the basics of CDA 230 and its day to day affect for those who advise internet businesses as well as those who litigate against them. It will give practical guidance as to what extend internet companies can or should edit or censor the information their users contribute to their sites and to what extent those users will actually be liable.

New Media Rights


Add to Cart
Card image cap
63 minutes
360-Degree View on How to Navigate a Crisis
During this session, our panel of experts will explore the following topics to arm you with a plan to protect the company and minimize long-term problems: - Building a crisis management team and understanding each person’s unique role -Preparedness – advance planning and assessing potential risk areas - First Response – responding in the critical first hours and days to minimize the long-term impact - Resolution Strategy – managing various actions stemming from the crisis to enable the best resolution for the company.

Women, Influence & Power in Law Conference


Add to Cart
Previous Next