Cybersecurity is becoming a more pressing topic in the legal industry. I’m finding that more law firms are talking about cybersecurity and the associated legal exposure. The issue for law firms is both internal, protecting their businesses, as well as external, assisting with legal exposure for their clients. For many businesses, legal exposure is a key measure in managing cyber risk.
As a result, I want to share the following insight I received on this topic from a recognized cyber risk attorney and consultant, Douglas DePeppe. Mr. DePeppe has been centrally involved in national-level and leading commercial cybersecurity initiatives for a decade and is extremely knowledgeable on legal exposure as related to cyber risk.
How do you know whether your firm is doing enough to protect data privacy?
Data privacy has become a paramount concern – for regulators, for consumers, and even by the plaintiff bar. Just in the past few weeks, Marriott, British Airways and Facebook have been assessed fines in the hundreds of millions of dollars, and $5 Billion for Facebook! Law firms, meanwhile, have become the preferred targets for hackers. Given this exposure, has leadership at your firm taken ownership of managing cyber risk?
Being able to demonstrate “reasonable security” is rapidly becoming a leadership task in the cyber vertical. Having an incident response plan at the ready, procuring cyber insurance, inventorying assets and identifying risks, data destruction plans – these are some of the categories that leaders should address for managing cyber risk.
The laws around cybersecurity are expanding and courts are increasingly willing to allow causes of action arising from identity theft and the downstream risks from a cyberattack. Firms must avoid claims of negligence regarding their handling of client information. eosedge Legal is available to answer any questions that may arise from this blog. Please contact Doug DePeppe, Cyberlaw Attorney at doug@eosedgelegal.com or call him at 719.357.8025. www.eosedgelegal.com.
————————————–
I’m a proponent of reducing legal research costs within the law firm, that is, getting the needed resources at the best rates. Since most legal research involves accessing the Internet, how prepared is your firm in the event of a cyberbreach?
If there is any way I can help or if you would like to schedule a brief conversation, please feel free to contact me.