Hogan Lovells Tackles Cybersecurity With New High-Tech Group
Since cybersecurity intrusions are now "when, not if," Hogan Lovells has created a new group of technical and risk professionals in addition to the firm's existing 50-lawyer cybersecurity practice.
It's an interesting switch for firms—turning to non-lawyers for technical and risk management talents. Harriet Pearson, who leads the firm's multi-disciplinary cybersecurity practice, is the former IBM Vice President Security Counsel and Chief Privacy Officer. (Bisnow profiled her when she first joined the firm in 2012.) She also co-chairs the Georgetown Cybersecurity Law Institute (see coverage for 2013, 2014 and 2015).
Public examples of Harriet's work include repping Home Depot in response to a 50 million-payment card data breach and repping Bloomberg in a review of client data privacy and security practices.
A non-lawyer, Jeff Lolley, above, is the Managing Principal of the firm's Cyber Risk Services, and co-chairs the FBI Infragard Cyber Special Interest Group for the DC Region. Before joining Hogan Lovells, he headed security programs for Marriott International and AT&T.
The lawyers and tech group at the firm will work on matters such as assessing cyber risk and developing policies and programs; incident and crisis response; regulatory compliance; and training.
Deen Kaplan, partner and co-head of the new Cyber Risk Services unit, tells us he spends four hours a day in touch with the technical professionals. He says the new unit formalizes work that they've been doing for more than a year, after requests from clients for help integrating the legal and technical streams. Piloting the program brought strong positive feedback.
In 2016, one important area of activity involves businesses undertaking reviews of their cyber preparedness. Another is assessing whether organizations' management and board are briefed and appropriately organized to address cyber risk—proactive hygiene that's being driven by a lot of government activity, attention, and a fair amount of litigation. With the recent passage of new cybersecurity legislation, information sharing and the strategy around it will also be a real space of activity.
The new Hogan Lovells program comes as cybersecurity is a priority for both business and government: the President's request for $19B for cybersecurity funding in the fiscal year 2017 Budget is a more than 35% increase over 2016.
This week, President Obama announced the Cybersecurity National Action Plan, which establishes both the Commission on Enhancing National Cybersecurity (a group of private sector experts), and the first-ever Federal Chief Information Security Officer position.
