It wasn't too long ago when a client would call with a data breach issue and I would ask whether outside counsel was involved. And not just any outside counsel, but rather a lawyer well-versed in data security and privacy as well as the regulatory framework that the client falls within. Today, however, I ask two questions: First, is outside counsel involved and, second, do you have cyber insurance? I think these are two questions that should be answered affirmatively in order for our client to navigate and mitigate successfully the risks of a data security incident.
Sean Hoar, a partner with Davis Wright and Tremaine’s Security and Privacy Practice, has articulated very well the evolving role that lawyers are assuming and why cyber insurance will prove to be beneficial in these types of cases. The article underscores how lawyers need to think outside the box in order to advise clients in a more holistic and practical manner. That means advising clients on not only the legal ramifications, but also business risks that affect the bottom line.
By Alexander Gross, former Director of Business Development for Kroll's Cyber Investigations and Breach Response practice.