From: Inside Counsel
A couple of years ago, when the IT focus of a law firm was on document management and perhaps mulling the billable virtues of e-discovery, cybersecurity was well over the horizon.
***
Clients are the New Regulators
With an alphabet soup of regulators and laws, it’s no wonder that the clients of law firms are now taking cybersecurity seriously. It’s a big stakes loss in the event of a data breach, and it’s the kind of breach that will not go unnoticed. In fact, SEC regulations, HIPAA and PII all have disclosure requirements meaning that a law firm cannot quietly go about business while keeping the story out of the press.
That is why today, more law firms are receiving cyber due diligence questionnaires (DDQs) from their clients. As regulators such as the SEC tighten their rules, implications now reach their vendors; most notably legal services.
Leave a Reply