Main Menu
Photo of Karen Painter  Randall

Karen Painter Randall

Chair, Cybersecurity and Data Privacy


Karen Randall is founder and chair of the Cybersecurity and Data Privacy practice, co-chair of the Professional Liability practice and a senior trial counsel at Connell Foley. She represents clients in complex litigation, and regulatory compliance and defense matters involving cybersecurity, data protection and privacy, social media and professional liability. Karen provides counsel and advocacy in federal and state courts for both professionals and businesses across a broad range of industries.

Karen has an extensive background counseling lawyers and law firms, health care entities, financial institutions and retail clients by providing proactive plans to address the myriad cyber risks they each face. She serves as a "breach response coach" across various industries, as well as for cyber insurance carriers, and offers strategic solutions related to post-breach matters including statutory notification requirements, class action litigation, regulatory enforcement actions, forensics and crisis management. Karen also helps companies conduct risk/security assessments, as well as implement data security and information governance policies and procedures, and security awareness training for employees. 

In addition, Karen maintains a strong professional liability practice, working closely with law firms, health care and assisted living institutions, architects and engineers, directors and officers and accountants. In her complex litigation work, she handles premises liability matters for major retailers and substance abuse treatment centers as well as amusement parks, concert venues and bowling centers. She defends these entities against diverse claims, including significant sexual molestation and elder abuse matters.

A member of the International Association of Privacy Professionals (IAPP) and co-chair of its New Jersey KnowledgeNet Chapter, Karen is integral to numerous efforts to educate lawyers on information security and the ethics of data protection. She received two ABA presidential appointments to serve on the Cybersecurity Legal Task Force and the Standing Committee on Lawyer’s Professional Liability. She is a founder and co-chair of the New Jersey State Bar Association’s Cybersecurity Legal Task Force. Karen also serves as vice chair of the USLAW Network Cybersecurity and Data Privacy Group and co-chaired the Claims and Litigation Management Alliance's (CLM) NYC Cyber Summit. In addition, she is a member of the HIMSS' Security and Privacy committee. Karen was selected by Bloomberg BNA to serve as its New Jersey Contributing Editor on cyber and privacy issues for Bloomberg Law: Privacy & Data Security, focusing on the regulatory and compliance landscape of data protection laws in the U.S. and around the world. Most recently University of South Carolina School of Law selected Karen to lead it's Cybersecurity Legal Task Force and serve as Director of the Cybersecurity Institute. 

A Fellow of the American Bar Foundation, Karen was appointed by Chief Justice Stuart Rabner to serve on the Board on Civil Trial Certification. 

Karen's commitment to leadership, frequent speaking and writing underscore her trailblazing impact on the cybersecurity landscape. 


Professional Affiliations

  • International Association of Privacy Professionals (IAPP)
    • Member
    • Co-chair, New Jersey KnowledgeNet Chapter
  • Bloomberg BNA Cybersecurity and Data Privacy
    • New Jersey Contributing Practitioner
    • Women's Connection Leadership and Speaker
    • National Chair - USLAW Network Fall Conference
    • Vice Chair - USLAW Cybersecurity & Data Privacy
      • Co-chair and Instructor, Cybersecurity and Privacy Bootcamp
    • Chair - Professional Liability Leadership Committee
    • USLAW Women's Steering Committee
    • Speaker
      • Managing Partner Forum
      • TELFA Crossborder Meeting
      • Liability Exchange 
  • American Bar Association
    • Presidential Appointments
      • Standing Committee on Lawyers' Professional Liability
      • Cybersecurity Legal Task Force
    • Professional Liability Board Litigation Committee
    • Contributor - LPL E-Advisory  (Legal and Cyber)
    • Section Member - Science and Technology Law
  • Association of Corporate Counsel (ACC) Foundation
    • Advisory Board Member - 2019 ACC Foundation Cybersecurity Summit
  • New Jersey State Bar Association
    • Founder and Co-chair - Cybersecurity Legal Task Force
  • University of South Carolina School of Law

    • Director, Cybersecurity Institute
    • Adjunct Professor, Cybersecurity
  • Claims and Litigation Management Alliance
    • Member - Cyber Liability Committee
    • Co-chair - 2016 Cyber Liability Summit in New York City 
    • Northeast Regional Chair
    • New Jersey State Chair
    • President - Northern New Jersey CLM Chapter
    • American Law Journal - Professional Liability Editorial Board
    • Contributor - Around the Nation Newsletter
  • Defense Research Institute (DRI)
    • Professional Liability Advisory Committee
    • Data Breach and Privacy Law Committee
  • Healthcare Information and Management Systems Society (HIMSS) - NYS Chapter
    • Member - Security & Privacy Committee
      • Legal/Regulatory Subcommittee
  • Supreme Court of New Jersey, Board on Trial Certification
    • Board Member, Appointed by New Jersey Chief Justice Rabner
  • National Association of Women Lawyers
    • National Mentor
  • Professional Liability Underwriters' Society
  • New Jersey Business and Industry Association
    • Law and Technology Section


  • Speaker, "Breaking Down Wire Fraud," NetDiligence® Cyber Risk Summit; Santa Monica, CA (October 2019)
  • Speaker, "Managing Cyber Security Risk in a Digital World," School Pool for Excess Liability Limits Joint Insurance Fund (SPELL JIF); Mount Laurel, NJ (July 2019)
  • Speaker, "Cyber: One Step Ahead — The Evolving Nature of Wire Transfer Fraud and Business Email Compromise," 2019 CLM Cyber, Management, and Professional Liability Conference; Boston, MA (July 2019)
  • Speaker, "The History of Women in the Workplace – Where Have We Been and Where Are We Going?" The USLAW Women's Connection: Cape Neddick, ME (June 2019)
  • Speaker, "Privacy and Data Security Legal and Ethical Obligations for Lawyers," Fourth National Institute on Cybersecurity and Data Protection: A Law Firm's Responsibility in Managing Data Risk, NYU Law; NYC, NY (June 2019)
  • Moderator, "Cyber Claims Handling Best Practices Workshop," NetDiligence® CyberRisk Summit; Philadelphia, PA (June 2019)
  • Moderator, "Law Firms and the Cybersecurity Crisis: Be Prepared or Face the Consequences," NJSBA Annual Conference; Atlantic City, NJ (May 2019)
  • Speaker, "Here Today, Gone Tomorrow: Business Email Compromise," 2019 Cybersecurity Legal Institute; University of South Carolina (April 2019)
  • Speaker, "Cyber Hot Seat: Current Affairs Q&A," NetDiligence Cyber Risk Summit; Hamilton Princess & Beach Club, Bermuda (March 2019)
  • Speaker, "Local Governments’ Cybersecurity Crisis: Be Prepared or Face the Consequences," Mayors' Meeting; Arcola Country Club, NJ (March 2019)
  • Speaker, "Ransomware: A Massive and Paralyzing Cyber Threat Facing Organizations in 2019," University of South Carolina School of Law's Cybersecurity Legal Task Force Webinar (February 2019)
  • Speaker, "Cyber Insurance Update: What is the Latest?” at the Association of Corporate Counsel (ACC) Foundation Cybersecurity Summit; Washington, DC (January 2019)
  • Speaker, "The Power of Innovation-The Exploding Cybersecurity Threat Affecting Lawyers and Bar Associations," National Conference of Bar Presidents, ABA Midyear Meeting; Las Vegas, NV (January 2019)
  • Speaker, "Terrorism and Cyberterrorism Discussion," 2019 United Motorcoach Association's (UMA) Motorcoach Expo; Fort Lauderdale, FL (January 2019)
  • Speaker, "Incident Response Planning," NJSBA 2nd Annual Cybersecurity Institute; New Brunswick, NJ (December 2018)
  • Speaker, "So You're Under Attack: Simulating The Financial and Business Impacts of Cyber Attack," AICPA & CIMA Cyber Security U.S Conference; New York, NY (November 2018)
  • Speaker, "Here Today, Gone Tomorrow: Wire Transfer Fraud and Professionals," 2018 DRI Professional Liability Seminar; New York, NY (November 2018)
  • Speaker, "Navigating Cybersecurity from Cradle to Grave," SC Logistics Tech Talk Seminar; Charleston, SC (October 2018)
  • Speaker, "A 2018 Cybersecurity Report for Enterprise Leadership," CIANJ Executive Forum Meeting; Florham Park, NJ (October 2018) 
  • Moderator, "Wire Fraud Transfer," ABA Fall 2018 National Legal Malpractice Conference; Las Vegas, NV (September 2018)
  • Speaker, "Cybersecurity: Imposing New Legal Dilemmas," ATA Forum for Motor Carrier General Counsel; Santa Ana Pueblo, NM (July 2018)
  • Speaker, "Darkest Hour? Shining a Light on Cyber Ethical Obligations," ABA Cybersecurity Legal Task Force - Cybersecurity Wake-Up Call: The Business You Save May Be Your Own web series (June 2018)
  • Speaker, "The Internet of Things - Transforming Your Business," 2018 NJBIA Cybersecurity Summit; Newark Airport Marriot, NJ (June 2018)
  • Moderator, "Chief Information Security Officer Cyber Risk Roundtable," Swimming with the Cyber Sharks - HIMSS New Jersey Chapter Spring Event; Long Branch, NJ (June 2018)
  • Panelist, "Breach Response: Be Prepared or Face the Consequences," Metro Women's Leadership Summit; Newark, NJ (June 2018)
  • Speaker, "Law Firms: The Soft Underbelly of Cybersecurity," 2018 USLAW Network Professional Liability Exchange; Jersey City, NJ (May 2018)
  • Speaker, "Essential Strategies for Insuring GDPR Exposures: What You Need to Know About Cyber Insurance for GDPR Liabilitis," NJICLE webinar (May 2018)
  • Moderator, "The Procrastinator’s Guide to the General Data Protection Regulation (GDPR): What to prioritize and how to do it," IAPP New Jersey KnowledgeNet Chapter meeting; Roseland, NJ (May 2018)
  • Speaker, "What Security Nightmares Keep Law Firm Management Up at Night," American Bar Association (ABA) webinar (March 2018)
  • Speaker, "The Good, the Bad and the Ugly: Addressing the Cyber Risk Across the Legal Services Supply Chain," 7th Annual ASU-Arkfeld eDiscovery and Digital Evidence Conference; Phoenix, AZ (March 2018)
  • Speaker, “IoT and Mobile Applications,” USLAW NETWORK Data Privacy & Security Boot Camp; Dallas, TX (March 2018)
  • Speaker, "Cyber Insurance," USLAW NETWORK Data Privacy & Security Boot Camp; Dallas, TX (March 2018)
  • Speaker, "Disaster Recovery: Preparing for Both Natural and Cyber Disasters and Protecting Firm and Client Data," USLAW Network Managing Partners Forum; Dallas, TX (February 2018)
  • Speaker, “Ethical Issues of Artificial Intelligence in the Practice of Law,” South Carolina Law Review Symposium; University of South Carolina School of Law, Columbia, SC (February 2018)
  • Speaker, "Ransomware: New Epidemic Occurences Can Be Fatal to Your Business," Cyber Resilience program; Ramapo College, NJ (November 2017)
  • Speaker, "Practical Cybersecurity Risk Management Strategies for Solos, Law Firms, In-House Counsel and Government Attorneys,"NJSBA Cybersecurity Institute program; New Brunswick, NJ (November 2017)
  • Speaker, "I've Been Hacked! Do I Have Insurance?  Cybersecurity Regulations & Insurance Issues," New York City Bar Association program; New York, NY (September 2017)
  • Speaker, "Population Health and Information Security," Security, Privacy & Compliance Committee webinar; New Jersey Chapter of the Healthcare Information Management Systems Society (NJHIMSS) (September 2017)
  • Moderator, "Artificial Intelligence and the Coming Age of the Superhuman Lawyer,"  American Bar Association's (ABA) Fall 2017 National Legal Malpractice Conference; Colorado Springs, CO (September 2017)
  • Speaker, "Six Steps to Getting Closer to Law Firm Cybersecurity," New Jersey State Bar Association (NJSBA) webinar (August 2017)
  • Speaker, "Exercising Cybersecurity Due Diligence in Mergers and Acquisitions," 2017 CLM Management & Professional Liability Conference; Boston, MA (July 2017)
  • Speaker, "Leading Organizations through an Era of Change,” New York State chapter of the Healthcare Information and Management Systems Society (HIMSS); Yankee Stadium, New York, NY (June 2017) 
  • Speaker, "Billions of Ways the IoT Poses Risk to the Enterprise,” Kean University's Internet of Things program; Union, NJ (June 2017)
  • Speaker, “Protecting Your Data: Guarding Against Cyber Attacks and Security Breaches,” USLAW Women’s Connection; Lake Tahoe, NY (June 2017)
  • Speaker, “Data Security Risk Assessments: The Gold of Due Diligence,” ABA’s Spring 2017 National Legal Malpractice Conference; Boston, MA (April 2017)
  • Speaker, “The New Normal: Law, Technology, and Innovation,” 6th Annual ASU-Arkfeld eDiscovery and Digital Evidence Conference; Phoenix, AZ  (March 2017)
  • Speaker, "HIPAA" and "Handling a Data Breach from the Beginning," USLAW NETWORK 2016 Data Privacy and Security Boot Camp; Dallas, TX (November 2016)
  • Speaker, “The Brave New World of HIPAA Enforcement,” Claims & Litigation Management Alliance (CLM) 2016 Cyber Liability Summit; New York, NY (October 2016)
  • Speaker, “Data Privacy Issues and Concerns with International Business,” USLAW/TELFA Cross Border Business and Transactions Exchange; Chicago, IL (September 2016)
  • Speaker, “The Fundamentals of Data Protection at Work,” Fall 2016 USLAW NETWORK Client Conference; Colorado Springs, CO (September 2016)
  • Speaker, “Legal Considerations in Practice Management and Technology,” New Jersey State Bar Association Technology Symposium; New Brunswick, NJ (July 2016)
  • Speaker, “RANSOMWARE: A Global Threat to Local Business,” Kean University Ransomware Symposium; Union, NJ (June 2016)
  • Speaker, “Leveraging Technology for Transitions of Care,” HIMSS New Jersey’s Chapter’s Spring Event; New Brunswick, NJ (June 2016)
  • Speaker, “Compliance Strategies for the C-Suite: The Regulatory Landscape for Cybersecurity,”  NJBIA Cybersecurity Summit; Bridgewater, NJ (May 2016)
  • Speaker, “Blurred Line Between Work and Private Time: Acceptable and Unacceptable Monitoring of Employees in the Social Media Age,” Spring 2016 USLAW Network Client Conference; Rancho Palos Verdes, CA (April 2016)
  • Moderator, “Legal Project Management: A Simple Concept Based on Common Sense,” National Legal Malpractice Conference; New Orleans, LA (April 2016)
  • Speaker, “EMV Chip and Pin Implementation and the Anticipated Litigation,” Data Breach & Privacy Litigation and Enforcement Conference; Philadelphia, PA (March 2016)
  • Speaker, “The First 72 Hours: Responding to a Data Breach Quickly and Effectively to Minimize Risk and Get Back to Business,” ASU-Arkfeld eDiscovery and Digital Evidence Conference; Tempe, AZ (March 2016)
  • Speaker, “Reputation & Risk: Corporate Reputation & Social Media in Healthcare,” Healthcare Technical Solutions, LLC’s webinar (February 2016)
  • Speaker, "Cleaning Out the Data Classification Closet," The Voice of the Defense Bar (DRI) Data Breach and Privacy Law Seminar; Chicago, IL (November 2015)  
  • Speaker, “Be Prepared or Face the Consequences,” Claims and Litigation Management Alliance (CLM) Cyber Liability Summit; New York, NY (October 2015)
  • Speaker, “Point of Sale Litigation: Update on Cyber and Other Point of Sale Threats,” 2015 USLAW Network Retail & Hospitality Law Exchange; Chicago, IL (October 2015)
  • Speaker, “Houston, We Have A Problem! (The Mechanics of Data and IP Breach),” Guarding the Company Jewels: Data Security & Privacy, IP and Reputation Management, Fall 2015 USLAW Network Client Conference; Boston, MA (September 2015)
  • Speaker, "Thought Leader Speaker Series," Eyes on Cyber, Cyber Security Conference 2015 (June 2015)
  • Speaker, "Legal Project Management – Planning to Win," Claims & Litigation Management Alliance (CLM) Annual Conference; Palm Desert, CA (March 2015)
  • Moderator, “Evaluating Cyber Liability Insurance Policies: What You Should Know to make a Purchasing Decision,” Webinar, American Bar Association (March 2015)
  • Speaker, “Mechanics of a Data Breach and Initial Response – Assembling the Team and Recovery of Damages, Indemnification Claims, Subrogation and Affirmative Use of Contractual Limitations and Remedies Provisions,” Protecting Your Business in the Digital Age, 2015 USLAW Network Legal Leaders & Corporate Counsel Exchange; Chicago, IL (March 2015) 
  • Speaker, "How to Be Secure in an Unsecure World," Claims and Litigation Management (CLM) two-day Retail, Restaurant and Hospitality Conference; Orlando, FL (February 2015)
  • Speaker, "Technology's Rapidly Growing Impact on the Practice of Law and Insurance Industry," Driving the Dialogue: USLAW’s Professional Liability Exchange 2014 (June 2014)
  • Speaker, "Warning! Pitfalls to Avoid in the Changing Technological Climate" - Technology Trends That Are Transforming the Insurance Industry and Practice of Law, Claims & Litigation Management Alliance; Chicago, IL (July 2014)
  • Speaker, "Top Ten Rainmaking Tips," USLAW Women's Connection Meeting; Sea Island, GA (March 2014)
  • Speaker, “Warning! Pitfalls to Avoid in the Changing Technological Climate” - Technology Trends That Are Transforming the Insurance Industry and Practice of Law, CLM Conference; Boca Raton, FL (2014)
  • Speaker, “Technology’s Rapidly Growing Impact on Standard of Care and Practice of Law,” CLM Conference; San Antonio, TX (2013)
  • Speaker, "Professional Liability Five Minute Drill," USLAW Fall Conference; Washington, DC (2012)
  • Speaker, "Litigation Management and the IPAD," USLAW Conference; Dana Point, CA (2012)
  • Speaker, “Social Media in the Workplace and Litigation Coverage in New Jersey,” Webinar, Hartford Financial (2012)
  • Speaker, "Reducing Law Firm Risk," USLAW Conference; Colorado Springs, CO (2010)
  • Speaker, "Success in a Changing Economy," USLAW Women's Conference Roundtable; Dallas, TX (2009)
  • Speaker, “Developing Client Relationships,” Webinar, USLAW Women's Group (2009)
  • Speaker, “Advising Clients on Procuring and Using Insurance to Address Intellectual Property Lawsuits,” Webinar, American Intellectual Property Law Association (2009)
  • Speaker, "Minimizing Legal Malpractice Claims;” Baltusrol Golf Club, Springfield, NJ (2009)
  • Speaker, "In-House Counsel and Insurance Claims’ Criteria for Outside Counsel:  A Safe Bet, Penny Ante or All In?" USLAW Professional Liability Conference; Las Vegas, NV (2008)
  • Speaker, Best Practices Roundtable, USLAW Women's Conference; Chicago, IL (2008)
  • Speaker, “Professional Liability and Insurance/Bad Faith,” USLAW Roundtable; Las Vegas, NV (2008)
  • Speaker, “Business Generation in the Insurance Industry,” USLAW Professional Liability Fly-In Meeting; New York, NY (2008)
  • Speaker, “How to Best Use an Expert in Professional Liability Litigation;” Washington, DC (2007)
  • Moderator, Director and Officer Claims Coverage Issues, ABA Midyear Meeting; Tucson, AZ (2006)
  • Moderator, Director and Officer Claims Coverage Issues, ABA Midyear Meeting; Tucson, AZ (2005)
  • Moderator, Director and Officer Claims Coverage Issues, ABA Midyear Meeting; Tucson, AZ (2004)
  • Speaker, “Legal Malpractice Claims and Coverage Issues,” ABA Midyear Meeting; Tucson, AZ (2003)
  • Speaker, “Healthcare−Elder Abuse Claims and Coverage Issues,” ABA Midyear Meeting; Tucson, AZ (2002)
  • Speaker, “Construction Defect Claims,” ABA Midyear Meeting; Tucson, AZ (2001)
  • Speaker, “ERISA: Coverage and Claims Issues,” ABA Midyear Meeting; Tucson, AZ (2000)
  • Speaker, “Professional Liability of Architects,” CNA Insurance, Co. (2000)
  • Speaker, “Risk Management for Large Law Firms,” CNA Insurance, Co.; Chicago, IL (1999)
  • Speaker, “Risk Management for Dentists,” NJ Dental Association; Atlantic City, NJ (1990-1994)

News & Insights


Speaking Engagements


Blog Posts


Certified Civil Trial Attorney

Fellow, American Bar Foundation

NJ Digi-Tech Innovators Awards, NJBIZ (2019)

Diverse Attorneys of the Year, New Jersey Law Journal (2017)

New Jersey’s Women Leaders in Law, Complex Litigation (2013)

National Finalist, CLM Litigation Management Professional of the Year (2012)

Best 50 Women in Business in New Jersey, NJBIZ (2012)

Top 50 Female, New Jersey Super Lawyers

Top 100, New Jersey Super Lawyers

Prominent Woman Among Women and Minority Attorneys in New Jersey, New Jersey Law Journal


  • Hon. J. Emmet Cassidy of New Jersey Superior Court


Advanced Legal Management Program, Montclair State University School of Business

University of South Carolina School of Law (J.D.)

University of South Carolina (M.A., Public Administration)

University of South Carolina (B.A., Honors College)


Back to Page