Data Risk Management
The Next Stage of Growth for Exterro
June 14, 2019
Just over a year ago, Exterro announced the exciting news of our partnership with Leeds Equity Partners and the strategic equity investment that would turbo charge Exterro’s growth and innovation at a moment I believe is a true tipping point for the e-discovery industry. We—and I mean not just the e-discovery industry, but “we” as an international economy and even as a society—are facing large-scale, structural change in how we interact with our data: how we secure it, use it, access it, and dispose of it.
I want Exterro to be one of the companies at the forefront of this transformation.
Today, I’m writing to announce that we’ve taken a critical and emphatic step toward that goal. Exterro is formally announcing the acquisition of Jordan Lawrence, the leading Privacy and information governance software and services company.
This move is not a simple bolt-on acquisition. Jordan Lawrence, which specializes in data privacy and third-party risk management, helps companies manage their information cost-effectively, defensibly, and in compliance with state, federal, and international regulations. With 30 years of expertise in the field and over 1,000 premier clients, Jordan Lawrence’s expertise and leadership solidifies our position as the leading solution to organizations’ e-discovery, data privacy, and information governance challenges.
Why did I decide now was the time to take this bold step?
First of all, e-discovery needs to reckon with the changing landscape of data privacy regulations. GDPR is just the tip of the spear. The California Consumer Protection Act, the New York Department of Financial Services Cybersecurity Regulation, and likely many many more state regulations are on their way.
Organizations’ obligations to manage data—and the costs of failure—are growing exponentially. Just look at recent examples from data breaches. A well-known retailer paid almost $70 million in a settlements with banks, states, and class action suits stemming from a single data breach. LA Tan settled a Biometric Information Privacy Act (BIPA) lawsuit, which resulted immediately in 200 class action suits.
Legal teams must make sure their e-discovery preservation and information governance programs comply with these regulations, or they will be opening their organization up to layers upon layers of lawsuits. Does anyone think the plaintiff’s bar will spare organizations because of the complexity of complying with these rules? I don’t. Organizations must be prepared.
This isn’t to say privacy rules the roost and e-discovery is subordinate. The power that these regulations has given to individuals is real and substantial. Case in point—on On May 21, 2018, in response to GDPR, Microsoft announced a self-service SAR portal to enable customers to manage their data. Though GDPR demanded it only for EU residents they opened it worldwide. In a short span of four months, Microsoft received 5 million requests from 200 countries. The highest level of engagement, nearly 2 million, came from the US.
As Gartner puts it, these recent and evolving privacy regulations “cannot be dismissed with a narrow checkbox mentality.” Organizations will need a portal for Data Subject Access Requests (DSARs), but that’s just the front end. More importantly, they need a holistic information governance plan to understand the data in a contextual manner, and the ability to preserve, collect, review, redact, produce or remediate information—all on demand, in an efficient business process.
And that’s where Exterro fits into the picture. Who can help these organizations avoid needless complexities, data transfers between platforms, and a multiplicity of specialized tools? Who does all of these critical tasks in a seamless single platform? Exterro does.
In fact, many of the technology and process requirements of both e-discovery and data privacy tasks are, for all intents and purposes, identical. Both require an accurate and comprehensive data map, the ability to identify and preserve data, and the ability to review, redact, and produce relevant data under tight timelines.
Whoever is responsible in an organization for compliance with these regulations, whether General Counsel offices, Chief Legal Officers, Chief Data Officers, Chief Privacy Officers—or ultimately CEOs, for that matter—needs the technologies and processes to do so. And what better way to do so efficiently and effectively than with a single platform capable of managing information governance requirements while also proactively managing e-discovery obligations—all while also reducing costs, shortening timelines, and mitigating risk.
The tools and processes used for e-discovery are rapidly converging with—if not already identical to—those required for compliance with privacy mandates. Thus, a single integrated platform that combines Exterro’s and Jordan Lawrence’s technologies will deliver significant cost, efficiency, and risk management benefits to our clients. With our new, unified technology platform, organizations will be able to:
- Ensure the integrity and security of data in their possession
- Fulfill e-discovery obligations per the Federal Rules of Civil Procedure
- Manage third-party/vendor risk as required by GDPR and other regulations
- Secure, access, retrieve, and manage data in compliance with data privacy regulations
- Facilitate communication between data owners, employees, and management
- Build and execute dynamic workflows involving internal as well as external assets
So while that is our strategy, Exterro is also uniquely well-positioned to deliver this technology at a tactical level as well.
- Given the breadth of data sources in use today, Exterro’s 40+ existing technology connectors and our proven ability to develop new connectors on demand give our clients an unparalleled ability to see into and act upon enterprise data.
- Exterro’s architecture is built upon a business process engine that allows organizations to orchestrate the tasks of e-discovery, information governance, and data privacy into repeatable, predictable, and efficient workflows.
- Exterro’s history of relationships with large, complex, international organizations demonstrates our ability to understand and meet their needs.
- Exterro’s engineering team, which has rolled out multiple artificial intelligence applications, deepened our integration with Microsoft Office 365®, and enhanced e-discovery capabilities in the just last year, offers innovative and agile development capabilities responsive to the changing requirements of jurisdictional regulations for e-discovery and data privacy.
I am very excited to share this news with you today. The combination of Exterro and Jordan Lawrence brings together the leading providers of e-discovery, data inventory, and data privacy solutions on the market, giving organizations access to a fully integrated software platform capable of managing, securing, and producing the data required by a wide range of regulatory regimes. With these expanded capabilities, Exterro will enable our clients to address their regulatory, compliance and litigation risks more effectively and at lower costs. We’re entering a new age in terms of our relationship with data, and organizations must be responsive to this new environment, which recognizes that data belongs not to the entity who gathers it, but rather the individuals that produce it.
We’re here to help you navigate these legal requirements, but more importantly manage the business risks and seize the opportunities afforded by this exciting new data environment. With our combined technology, we’re looking forward to helping you:
- Understand the data you control
- Define precisely where it exists inside your IT infrastructure
- Secure, access, retrieve, and manage it in accordance with both regulations and business needs
I'm looking forward to discussing the transformation in the information governance, data privacy, and e-discovery industry further as we Exterro moves forward on this exciting path!