Should a third-party monitor have been required due to the pace of firing and the level of access provisioned without regard for sensitivity? How about ensuring adequate retention of log files for over seven years? Why do lawyers think they know both IT and Cyber Security?