For years, company executives shrugged at the risk of having computers hacked.
No more. In the wake of a series of major corporate computer breaches, especially an egregious one at Sony Pictures Entertainment in Culver City late last year, businesses are rushing for cover.
Companies that long believed they could avert risk by installing special software to block hackers have quickly learned that doesn’t always work, said Marc Maister, a partner at Irell & Manella who is heading the firm’s cybersecurity practice, which launched last month.
“I think everybody’s starting to realize that no matter how robust your system is, there’s a chance you can still have a data incident,” Maister said.
That realization has fed a boom in demand for legal help in the area, said Michael Overly, a partner in the downtown L.A. office of Foley & Lardner who focuses on intellectual property and privacy issues.
“It’s now incredibly easy for even unskilled people to hack others,” Overly said. “There are tools online that teach you how to compromise systems.”
In addition to the loss of proprietary or confidential information, hacked businesses can now face between $700,000 and $3.5 million to remediate damages from a data breach.
That, in turn, has fed corporate spending on cybersecurity and data privacy legal services, which is expected to hit $1.5 billion nationwide this year, up 8 percent from last year. That growth is nearly three times the next-fastest growing practice sector, according to a recent report by market research firm BTI Consulting Group.
Yet despite the demand for more legal services, firms are struggling to find qualified attorneys, said Kristen Eichensehr, a professor of cybersecurity law at UCLA’s School of Law.
“It makes sense to start preparing students for cybersecurity practices,” she said. “Businesses need lawyers who know about data breach law and other cybersecurity issues on a daily basis.”
Complicating matters, data security laws and regulations vary by state and country. And then there’s the technology.
“You have to be very familiar with technology and how it works,” Overly said. “It’s difficult to instantaneously say, ‘I’m going to be a cybersecurity lawyer next week.’”
Because of that complexity, Overly said he regularly puts his two engineering degrees to work.
“There are really a lot of superb lawyers in this area, but there are not thousands,” said Michael Gold, co-chair of the data privacy group at Century City’s Jeffer Mangels Butler & Mitchell. “Some lawyers are really very knowledgeable about privacy laws; on the other hand, I have not seen a lot of lawyers in this space who really have a handle on the technology.”
For reprint and licensing requests for this article, CLICK HERE.
Stories You May Also Be Interested In
- Leaders in Law Finalists - Attorney Awards: CYBER SECURITY ATTORNEYS
- Report: More Class-Action Suits Coming Together
- Software Firm Scores Big in Video Game Hacks
- Still Only Human
- CUSTOM CONTENT: Preventing, Managing and Resolving Potentially Devastating Cyberattacks
- Data Attacks Open Up New Cyberspace for Firms
- Leaders in Law 2017 Nominees: How Safe Is Our Water Infrastructure from a Cyberattack?
- New Practice to Mount Defense Against Hackers