In a recent video segment, “What Do You Do with a Hacked Law Firm?”, from Mimesis Law’s Cy-Pher Executive Roundtable held in May, Lisa Sotto, chair of the firm’s Global Privacy and Cybersecurity practice, and other privacy professionals discussed the Federal Trade Commission’s jurisdiction in bringing enforcement actions against law firms in a breach event. “There’s no reason why law firms are exempt from [those actions],” says Sotto. However, if the information lost is financial information or trade secrets rather than personal information, “it’s not as simple.” She also discusses how law firms can manage their reputational risk and harm. Sotto says, “If somebody wants to get into your system, they will get in. The trick is being more secure than the next guy.”

View the video.