Law Firms Tout Cybersecurity CredApril 2, 2013
When Nationwide Mutual Insurance Co. discovered in October that a hacker had breached its systems and stolen personal details of roughly one million people, it put the internal probe in the hands of a law firm, rather than one of the forensic investigators typically retained for such incidents.
The insurer hired Boston-based Ropes & Gray LLP in part because the law firm could offer something a forensic firm couldn’t: attorney-client privilege and the secrecy it confers.
As data breaches and cybercrime become a bigger concern for companies, law firms are touting that secrecy in their efforts to win business. Law firms also help companies navigate the patchwork of federal and state laws governing public disclosures of data breaches.
The moves come as the Securities and Exchange Commission is pressing companies to be more forthcoming about attacks on their computer networks, and 47 states have enacted data-breach notification laws.