Exigent Technologies recently spun-off a new regulatory compliance and cybersecurity specialty business deemed Partners in Regulatory Compliance (PIRC). The new venture is geared towards helping clients prevent breaches or other related incidents before they happen.

If you've heard that one before, get in line. A variety of businesses, including law firms, have been expanding their range of cybersecurity offerings to accommodate consumer appetites in the wake of regulations like the EU's General Data Protection Regulation (GDPR) and the impending California Consumer Privacy Act. With legislation continuing to evolve, the opportunities in that field stand to become even more tantalizing.

“We see our business growing sort of in tandem with the new regulations that are bound to come out and the much more strict posture from the governing bodies about companies keeping people's data safe,” said Daniel Haurey, Exigent's president and a founding member of PIRC.

A series of highly publicized breaches, including recent ones at Marriott and Facebook, have already given rise to the core of their target demographic: companies who would very much like to avoid breaches and their subsequent that regulatory and public backlash.

PIRC will offer clients internal/external penetration testing, policy development and management services and cybersecurity and risk assessments among a menu of other preventative countermeasures. Haurey is acutely aware that his newest business venture is far from the only company to match supply with demand.

“We think that a lot of IT guys are jumping on the bandwagon. They're seeing the market explode,” Haurey said.

The stiff competition is one of the reasons that PIRC was spun-off into an entity distinct from Exigent, which over the past 20 years has branded itself as an IT consulting firm catering to small and mid-size businesses. Haurey believes that consumers are looking for specialists—not general tech personnel—to deal with some of the nuanced and highly technical concerns inherent to cybersecurity, and he hopes to establish PIRC as a leading name in the field.

PIRC's plans for the future are built in part on an educated guess that America is moving towards a GDPR-style approach to the problem of cybersecurity and privacy, driving an even greater demand among businesses for employee training and preventative strategies.

“The responsibility to protect consumer data is just going to be taken much more seriously,” Haurey said.

If Haurey and company are indeed attempting to fill a gap, it's closing fast. Some law firms have even begun moving towards a more holistic approach to cybersecurity that addresses some of the same preventative aims as PIRC. Last fall, for instance, Lewis Roca Rothgerber Christie announced that it had partnered with cybersecurity provider eosEdge Legal in order to engage with clients proactively.

The idea of a crowded cybersecurity marketplace strikes Haurey as inevitability, but he believes that the technical focus that PIRC will bring to the table will keep it distinct from firms that have to split their focus between the digital space and the law.

Still, that doesn't mean there can't be some overlap.

“Law firms may have 50 hospitals or 30 insurance companies as clients and so their risk is exponentially larger and so we feel that law firms actually have huge market potential for us,” Haurey said.