In the modern era, law firms need a robust cyber security plan to protect the secrets of their clientele. As our world becomes more dependent on technology, data breaches present an ever-growing risk for legal organizations across the globe. Cellphones, laptops, thumb drives, and even paper files can all be compromised, leaving you vulnerable to devastating cyber attacks.
If your clients' sensitive data is ever compromised, you can face serious liability claims costing tens of thousands of dollars. When that happens, what will you do? Is your firm prepared to respond?
Get a Quote
Protecting your career is just a few short steps away.
Pearl CyberPro Insurance is here to shield your firm from the legal fallout caused by skilled and adaptable attackers. We provide a free hotline for you to call, so we can help you through every stage of the process. We don't just protect firms—we're also on the frontline in assisting employees, clients, and individuals who fall victim to malicious digital attacks.
- Third-party liability coverage to recover financial damages arising from unauthorized access, use, or disclosure of private information
- Protection against cyber terrorism, extortion, and espionage
- Option for ransomware coverage
- Financial restitution for the costs of recovering data compromised by a hacker, computer virus, DDoS attack, and more
- Funding for public relation costs and breach notification expenses
- Prior acts coverage, based on the retroactive date of your existing professional liability policy
- Protection for loss of income due to computer system downtime
- Enterprise-wide protection for all your firm's data, even when it's outsourced or stored in the cloud
- And much more
A case study on the importance of cyber security:
An attorney left his laptop in his car overnight. The following morning, he discovered his back window had been smashed and his laptop had been stolen. Though his computer was password protected, the hard drive was not encrypted.
State law required the firm to inform each person whose personal data was stored on the computer of the breach. His laptop had investment documents and various spreadsheets with names, addresses, and other sensitive information for thousands of clients and investors.
The estimated cost for a small firm that loses data for 1,000 - 5,000 people due to a data breach is approximately $600,000. And if the breach negatively impacts a deal in progress, the costs climb even higher.
Covers legal liability arising from the following:
- Unauthorized access, unauthorized use, unauthorized disclosure, or theft of private consumer information, confidential business information, or other sensitive legal or client information occurring at the company or at a company vendor. Coverage extends to the unique risks law firms face over confidentiality breaches and losses arising out of the intentional or accidental disclosure of client data
- Cyber terrorism, extortion, or espionage
- Transmission of a computer attack or computer virus due to misuse of the company’s computer system
- Misuse of the company’s computer system, website, email, social networking, or other electronic communications resulting in harm to others
Coverage is designed to address the downstream liabilities law firms face when confidential client information is maliciously or accidentally disclosed or destroyed.
Coverage extends to civil and regulatory defense costs, as well as compensatory damages, punitive damages, fines, and penalties for accidental, intentional, or malicious acts of third parties, company employees, or company vendors.
Covers direct financial and consequential losses arising from the following:
Covers the cost to rebuild, reconstruct, or reengineer electronic data following a computer virus, hacker, denial of service, cyber terrorism, cyber extortion, cyber espionage, or other computer attack that alters, damages, or destroys electronic data. Coverage extends to costs of computer forensics following a loss.
BUSINESS INCOME AND EXTRA EXPENSES
Covers loss of revenue and extra expenses following a computer virus, hacker, denial of service, cyber terrorism, extortion, espionage, or other computer attack that alters, damages, or destroys the company’s electronic data resulting in a loss of income. Coverage is designed to address the unique extra and expediting expenses, as well as income loss that can occur when confidential legal information is disclosed or destroyed. Coverage also extends to (1) computer forensic expenses; (2) forensic accounting expenses; (3) expediting and extra expenses; (4) dependent business income; and (5) extended business income loss.
Covers theft of money and securities by others from the company using computer systems. Coverage can extend to intentional acts by company employees, third parties, and company vendors.
Covers threats to (1) damage the company’s computer system; (2) disclose the company’s private or confidential information; (3) damage the company’s electronic data; and (4) interrupt the company’s electronic connectivity.
Covers (1) public relations expenses; (2) breach notification expenses; and (3) credit monitoring and identity theft services following an event otherwise covered by the policy, including a virus, hacker attack, or disclosure of confidential/private information.
Law firms acquire, store, and send confidential information in the ordinary course of practicing law. As such, a breach of your cyber security will not only expose your personal data, but will also pose a threat to the confidentiality of information relating to your clients, as well as any parties involved in litigation or transactions with your clients. Almost every state has adopted laws regarding the disclosure of non-public personal information, whether intentional or not. These laws typically require the responsible party to either notify impacted individuals or face penalties. Moreover, the rules of professional conduct generally prohibit the unconsented disclosure of confidential information.
Our Security Breach Counsel will help assess the risks and mitigate the damages resulting from a breach, while taking into account the following:
- State security breach notification laws
- Federal security breach notification laws (such as HITECH/HIPAA and the FTC’s Disposal Rule)
- State professional ethics obligations
- And more
Specifically, in order to mitigate the damages arising from the breach, we will help with notifications, rectifying the breach or data loss, and will utilize our industry knowledge to advise you on the possible implications of your legal malpractice insurance.
Our policy is more than just insurance—it’s a protection plan. When a breach incident occurs at your law firm, our experienced Security Breach Counsel is ready to assist. Our network of knowledgeable cyber law attorneys respond to law firm breach incidents locally and across the country. Through our partnership with O’Hagan LLC and the Professional Liability Attorney Network (PLAN), our Security Breach Counsel is on call to assist clients in responding to actual and suspected confidential data security incidents and claims. Our team is equipped to immediately respond to large and complicated breaches, in addition to efficiently managing more limited and routine compromises of data security.
We advise clients on a variety of online and other breach-related situations. Our attorneys are prepared to handle data breach responses and related matters, including data breaches requiring notice in most states and numerous other countries. Our team will assist clients with the following:
- Breach investigations, including determinations of whether, how, and when a breach occurred
- Analysis of breach notification requirements
- Preparation of notifications in compliance with applicable requirements
- Interaction with state attorney generals and other governmental agencies, including law enforcement, in follow-up investigations
- Defense of state bar association ethics, or disciplinary inquiries or actions related to a data breach
- Preparation for defense of individual and class claims
Kevin O'Hagan and the cyber liability attorneys of O'Hagan LLC lead our Security Breach Counsel. This team is headquartered in the heart of Chicago, but is only a telephone call away. O’Hagan LLC is supported nationally by PLAN. PLAN is a national organization of independent, AV-rated law firms, specializing in a variety of related-industry law, including cyber liability law. If ever your legal needs extend the reach of our Security Breach Counsel and their local jurisdiction, PLAN has a network of law firms across the country with designated cyber practice leaders that stand ready to assist and bring your matter to a swift resolution.
Our team is available to assist your firm 24 hours a day, 7 days a week. You can reach our Security Breach Counsel leader, Kevin O’Hagan, at 855.247.4710.
Responding to a security breach requires a team effort to effectively mitigate the damages. In addition to the legal and regulatory implications of counseling, Pearl CyberPro is affiliated with a group of industry leaders to assist in investigating the breach and designing and implementing a response plan.
Our team consists of the following groups:
Security auditors at forensic firms
Our partners will identify the source and scope of the data breach. If necessary, the firm will aid in the recovery, restoration, or replacement of your information and software, as well as the removal of the hacker’s tools, including Trojan horses, viruses, or worms. Even prior to a breach, our partners have the expertise to ensure that your firm is in compliance with ethical and legal cyber security requirements.
Public relations agencies
We use public relations agencies with extensive experience in addressing the specific needs of law firms. These agencies will advise on, design, implement, and execute a tailored public response to your firm's breach.
Our partners will help you draft and deliver notifications to required customers, clients, opposing counsels, courts, state attorney generals, law enforcement officials, and credit bureaus.
Credit and internet monitoring
Few things are as worrisome as the disclosure of personal, corporate, or financial information. Our partners will put the minds of those affected at ease by helping you procure credit and internet monitoring services to alert you if nonpublic personal information has fallen into the wrong hands. Moreover, we partner with identity theft insurance companies to take a proactive approach in mitigating the damages resulting from a breach.
Crisis communication call centers
Depending on the size and scope of your breach, it may be necessary to bring in outside resources to help handle the calls from those affected. These professionals will familiarize themselves with the breach and train the people who answer calls to ensure your public image is maintained.
Forensic accounting and loss valuation firms
A security breach will not only divert an attorney’s attention away from their clients' immediate needs, but it may also completely prevent them from accessing files and documents. Both situations limit an attorney’s billable hours. Our expert partners will help you determine the value of the economic loss caused by a security breach or data loss.
The Pearl CyberPro response team is composed of experienced professionals ready to assist you in your time of crisis. When you report a claim, it is our duty to help you minimize damages from the data breach—including legal damages and damages to your reputation. Pearl CyberPro Insurance will provide you with expertise from our Security Breach Counsel to help guide you through the claims process.
Fill out the form below to talk with a Pearl Insurance representative.