Hiring law firm in wake of data breach gives companies the secrecy of privilege

Many law firms are getting into the cybersecurity game

When data breaches hit, some companies are turning to law firms for help.

Typically when facing down a hacker, a company would retain a forensic investigator, the Wall Street Journal reports. But companies who go with law firms instead get the advantage of secrecy in the form of attorney-client privilege.

For a company that suffers a data breach, the breach itself is only the beginning of its problems. Litigation often follows on the heels of a breach, as well as drawing the attention of regulatory authorities. For example, Nationwide Mutual Insurance Co. in October suffered a breach in which a hacker stole the personal data of about 1 million people, which resulted in a Federal Bureau of Investigation probe and other regulatory investigations as well as lawsuits seeking class-action status.

When a company is under the microscope like that, a little secrecy can be a welcome thing. For example, if a law firm, rather than the company itself, contacts a forensic investigator, privilege can keep the company’s own investigation from being used against it in litigation.

Nationwide retained Ropes & Gray to help it with its situation, but other law firms, including Alston & Bird and Steptoe & Johnson, are getting into the cybersecurity game as well.


For more InsideCounsel coverage of cybersecurity, see below:

Reuters journalist charged in Anonymous hacking conspiracy

EU regulators warn of mobile app privacy concerns

Technology: 4 practical tips for improving critical infrastructure cybersecurity

Obama signs executive order on cybersecurity

Join the Conversation

Advertisement. Closing in 15 seconds.