With Remote Working, Legal Departments May Be Addressing Cybersecurity on Multiple Fronts
The prevalence of remote working could be changing the way that some corporate legal departments and their organizations think about cybersecurity, but that also means reevaluating privacy and data protection risks as well.
June 17, 2020 at 03:20 PM
3 minute read
While remote working certainly isn't a novel phenomenon, the COVID-19 pandemic caused the scale of workers conducting business from home to build sizably, a trend that may not even completely reverse itself once shutdowns have lifted. The implication for corporate legal departments likely won't be a complete cybersecurity overhaul, but instead a very deliberate reexamination of how they are protecting their networks and evaluating data privacy risks.
Ken Jenkins, principal and founder of the cybersecurity solutions provider EmberSec, had previously told Corporate Counsel that one of his clients had begun to focus more on securing the organization's endpoints than the corporate office. But such an undertaking is also not without its complications.
"The threat obviously is that your corporate enterprise still has solutions that need to be secure and while you are in transition and trying to figure that out, your attack surface remains, right?" Jenkins said.
Of course, just how far along a given company is in that transition will likely vary from organization to organization. But Christopher Ballod, vice chairman of the data privacy and cybersecurity practice at Lewis Brisbois Bisgaard & Smith, noted that while the gradual shift to remote working predates COVID-19, many corporate legal departments and businesses were likely not prepared for huge portions of the enterprise to swing in that direction all at once.
For many organizations, the overall urgency of the requisite cybersecurity adjustments can become a question of risk, balancing not only the health of the network but repercussions stemming from data privacy laws such as the General Data Protection Regulation or the California Consumer Privacy Act.
Ballod explained that corporate legal departments are emphasizing those risks even as some companies continue to prioritize business continuity. "So I'm seeing that people have sounded the alert or at least are aware that, 'Look, if our data goes out the door, we have legal obligations, potential liability and brand dilution and other risks,'" Ballod said.
Those considerations may continue to present themselves as companies mull new security measures to put into place around remote working. Dyann Heward-Mills, CEO of the data protection office HewardMills, indicated that it would be wise for organizations to perform data risk assessments around new security technologies or processes being implemented.
The object is to document the process in the event that it falls under regulatory scrutiny. "If there is a failure somewhere or an incident or a breach, at least there is the audit trail in evidence that the risks were properly assessed, they were documented, they were escalated and mitigated," Heward-Mills said.
But what systems specifically might corporate legal departments be looking at to help drive security in the age of remote working? Christopher Zegers, director of consulting services, legal at Ivionics, said that legal departments who have embraced document management systems are in a much better position than those where attaching files to email is still the practice in vogue.
He argued that having a central data location as opposed to employees saving a document to their personal drive or email accounts can prevent sensitive data from circulating and duplicating. But many legal departments may have some work yet to do in that area.
"There's still a lot out there that haven't gotten there yet," Zegers said.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All'Incredibly Complicated'? Antitrust Litigators Identify Pros and Cons of Proposed One Agency Act
5 minute readAfter Botched Landing of United Airlines Boeing 767, Unlikely Plaintiff Sues Carrier
5 minute readInside Track: Why Relentless Self-Promoters Need Not Apply for GC Posts
Law Firms Mentioned
Trending Stories
- 1The Law Firm Disrupted: Scrutinizing the Elephant More Than the Mouse
- 2Inherent Diminished Value Damages Unavailable to 3rd-Party Claimants, Court Says
- 3Pa. Defense Firm Sued by Client Over Ex-Eagles Player's $43.5M Med Mal Win
- 4Losses Mount at Morris Manning, but Departing Ex-Chair Stays Bullish About His Old Firm's Future
- 5Zoom Faces Intellectual Property Suit Over AI-Based Augmented Video Conferencing
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250