Protecting the clients’ interests also includes safeguarding their digital assets. It’s imperative to be able to assure clients that their data is secure and instil confidence that this promise will be kept. Law firms must therefore not only ensure the confidentiality and security of data but also explain to clients how this is accomplished.
At NautaDutilh, our focus on cybersecurity began as an internal matter: the improvement of our processes and more intensive training for all employees. Since then, security awareness throughout the firm has become second nature. We also routinely hold ‘hackathons’, where professional hackers are invited to try and breach our digital walls. As our clients were facing the same problems, we started sharing our expertise on the best methods of data protection. And that’s how a law firm became a cybersecurity adviser.
We transcend the traditional role of a legal adviser.
Today, we regularly advise clients on the legal aspects of cybersecurity measures and controls. Drawing on the lessons we have learned, we are able to offer clients a ‘package deal’ that also includes organisational and technical security advice. And by doing so, we transcend the traditional role of a legal adviser. Some clients started choosing our firm specifically for this expertise.
Take the General Data Protection Regulation (GDPR). It requires organisations to implement appropriate technical and organisational security measures to protect personal data. Through collaboration between our team of Benelux data protection and cybersecurity lawyers and our IT specialists, we are able to provide clients with workable solutions that are appropriate from both a legal and a technical perspective. Understanding not only the legal, but also the organisational and technical challenges at stake, we take the burden off our clients and enable them to focus on their business.
Over time, our focus turned into a leading role, highlighted by the appointment of our Corporate Information Security Officer as chairman of the newly established Dutch Legal Information Sharing and Analysis Center in 2017. This partnership with other law firms and the National Cyber Security Center is aimed at increasing the level of cyber protection and awareness within the entire legal sector.