What Do You Do With A Hacked Law Firm?
June 10, 2016 (Mimesis Law) – Almost as complex as the tech is the question of enforcement. If a law firm has a breach, who is in charge of making sure the firm makes it right? Our panel discusses the possibilities. Lisa Sotto, Partner at Hunton & Williams, talks about the jurisdiction of the Federal Trade Commission for potentially bringing enforcement actions against law firms in the event of a breach and loss of personal information; however, when it comes to trade secrets, it is less clear which body could enforce such an action. Mark Seifert, Partner at the Brunswick Group, believes this is a self-correcting process, emphasizing that a law firm’s investment in protecting itself from threats pays off in the long run in terms of retaining partners and conserving its reputation. Donald G. Aplin, of Bloomberg BNA, discusses the cost analysis involved for law firms to factor the costs of hacking prevention into their overall cost structure. However, Kevin Chalker, CEO of GRA Quantum, highlights the cost benefit for law firms to take preventative measures; for instance hiring a security firm to conduct penetration testing, employee training etc, versus the much higher penalties they could faced from the SEC if in breach.