The news of recent high-profile law firm data breaches may have left corporate legal team leaders with fears of data breaches by hackers, especially at their outside law firms.
Now, legal experts advise that corporate legal teams should work closely with their law firms to determine if there are any cybersecurity issues to be concerned about and what to do about data breaches if they should occur.
In this new white paper from Thomson Reuters’ Legal Executive Institute, entitled Enhancing Cybersecurity & Avoiding Data Breaches: What Can Law Firms Do?, the authors examines what law firms can do to reassure clients and what actions corporate clients will want, beyond assurances.
Within a period of several days in late-March and early-April, news broke that hackers had breached security at law firm giants Cravath, Swaine & Moore and Weil, Gotshal & Manges in search of non-public M&A deal information that could be used for illegal trading. Cravath admitted a “limited breach of its IT systems”, which occurred last summer, while Weil has thus far declined to comment.
One General Counsel at a major Fortune 500 company suggested that because of these recent breaches cybersecurity issues at outside law firms would be foremost on the minds of corporate counsel, especially if it wasn’t in the past. “It is going to be a focus for all companies now,” the GC said, asking not to be identified. “If it wasn’t at the top of mind before, it will be now.”
The news about Cravath and Weil followed similar news reports about a Russian cyber-hacker who had sought to break into computer systems at 48 top law firms — many in the Am Law 100. The hacker also was looking for deal information he could use to profit in the stock market.