Cybersecurity is a huge concern for the global law firm and major corporation, and no one understands this better than Daniel Garrie. Garrie is the executive managing partner for Law & Forensics, a boutique legal strategy and forensics firm that works with clients across industries to address privacy, e-discovery and forensic issues in the U.S. and abroad. He is also Partner at Zeichner, Ellman and Krause and WW Head of Cybersecurity Practice He will be lending his expertise to the Thomson Reuters 5th Annual Law Firm COO/CIO/CFO Forum in New York on June 3rd.
A background in computers helps Garrie understand the unique dangers posed by hackers and the need for cybersecurity. He studied Computer Science, working at startups before pursuing law school. Garrie has written for many well-known publications, including the Huffington Post, Law360, and the Daily Journal. He is also the Editor-in-Chief of the Journal of Law & Cyber Warfare and on the Editorial Board of the Beijing Law Review. He writes extensively on the intersection of software and legal responsibilities.
Garrie encourages law firms and lawyers at all levels in those firms to be aware of the issues surrounding data privacy and data security. He says, “Privacy and cybersecurity has become tantamount in all size law firms. There is a plethora of overarching issues all in house lawyers should be on the lookout regarding cybersecurity . . . I often tell the COO it is a material business issue because if all of emails, documents, and other data elements are released by hackers it will have a meaningful if not fatal impact on the law firm itself.” As previous high profile data breaches demonstrate, the potential for emails to be leaked and publicized is very real. Considering the sensitive nature of many law firm matters and the importance of confidentiality to clients; it’s not difficult to imagine how devastating leaked emails could be to a law firm.
There is clearly work to be done on many levels as this issue becomes better understood. Garrie points out that legislation has a role to play, but it is not a “silver bullet.” Legislation that facilitates “effective cyber threat sharing” would be an asset to consumers and businesses, in Garrie’s view. The FTC also could be helpful--especially “in driving the importance of cybersecurity through education.” Raising awareness of the importance of cybersecurity and exactly what is at risk is an important first step for companies and consumers. Additionally, Garrie points out the FTC can emphasize cybersecurity and a company’s responsibility in regards to cybersecurity by “utilizing all the resources at their [FTC] disposal to pursue organizations that disregard their cybersecurity obligations.” These matters are clearly complicated and specialized--which emphasizes how important it is for law firms to educate their leadership and put strong plans in place. Garrie notes that “I am seeing a great deal of collaboration between CFOs, CIOs, and COOs around dealing with client and employee data elements.”
Garrie will be speaking at the Thomson Reuters Fifth Annual Law Firm COO/CIO/CFO Forum in New York on June 3rd. This conference will focus on the global law firm and the need for data privacy and security. Garrie will lead a panel titled: “Beyond the Client Audit: Law Firm Considerations & Strategies Around Cyber Liability Insurance.” This discussion will center on how law firms can protect themselves in the event of a breach, and examine cyber security insurance as a supplemental risk mitigation plan. You can learn more about the conference and the agenda here.