SLS Centers Co-Host Panel Discussion on Cybersecurity Concerns Facing the Legal Profession

Cybersecurity concerns governments, corporations, professional firms, and individuals today. How is the legal profession responding as cyber threats grow in number and sophistication? An event co-sponsored by Stanford’s Center on the Legal Profession (CLP) and the Rock Center for Corporate Governance on October 5, 2015, addressed this and related questions. Lucy Ricca, executive director of CLP, moderated as panelists Karl Hopkins, CSO and Partner at Dentons; Kevin Hulbert, President of XKGroup; Peter LaMontagne, CEO of Novetta; Tom Moyer, Chief Compliance Officer and Head of Global Security for Apple; and Ruby Zefo, Vice President, Law & Policy Group and Chief Privacy and Security Counsel at Intel Corporation shared their perspectives.

SLS Centers Co-Host Panel Discussion on Cybersecurity Concerns Facing the Legal Profession

The event, Cybersecurity and the Legal Profession: Significant Challenges and Unique Opportunities, looked at the nature of the current cyber threat, what law firms and legal departments are doing to protect themselves and their clients against cyber threats, the scope of risk involved when privileged information is stored or transacted in the cloud, and why lawyers working in the private and public sectors have taken on leadership roles in the cybersecurity space.

Organizations need not only to stop the potentially devastating cyber attacks that threaten them, panelists said, but also to understand who is targeting them and why. Call it risk management or cost-benefit analysis, but laying a foundation of infrastructure to protect information is an essential investment, the panel noted. What’s at stake is not only the organization’s intellectual property or personnel information but, more important, the trust of its customers – whether clients of a law firm or consumers of a technology company.

Even the tightest security systems can fail; how can an organization respond to an attack? Panelists discussed building a team of experts to monitor an organization’s system so that no incident goes undetected. Create a crisis management plan, test it thoroughly and frequently, and empower a decision-maker and a response team before an emergency. Enlist lawyers at every stage because they’re trained to see what matters in a complex situation and find a solution. From the top down, create a culture of compliance to minimize the risk of human error that can undermine any security system.

As more devices, programs, and channels gather and dispense information, leaders must keep an eye on their organization’s data and pay anything to protect it. “Like the law touches everything, cyber touches everything,” one panelist said.

Emily Hite is the content and communications manager for the Rock Center for Corporate Governance and the Steyer-Taylor Center for Energy Policy and Finance.

Leave a Comment