On March 30, 2016 the legal world held its proverbial breath the news broke in the Wall Street Journal about the first reported law firm breaches.

The article reminded us that law firms are businesses like financial, pharmaceutical, insurance and manufacturing companies.  They too need to protect their HR employee personal identifiable information, merger and acquisition documents, intellectual property and internal financial information.

Oftentimes, we hold law firms to a higher standard for ethical reasons, due to the rules of professional conduct and the fact that they hold client data in their care, custody and control.  Regardless of the driver, all companies – including law firms — need to keep their data secure using the most t advance technology available.

“Hackers Hit Cravath, Weil Gotchal,” was the title of the article, however it could have been ANY law firm.  At risk of stating the obvious, confidential information from two prestigious NYC law firms was disseminated to unauthorized users.  The supposition is that the information was stolen to use for insider trading purposes.  All we really know is that confidential information became public in a matter of seconds.

What is really lost when a company is breached?  Reputation takes the biggest hit.  Will other clients want to bestow their cases with a law firm that has been publicly compromised?  The answer is an unequivocal no.  Loss of revenue and partners will follow.

Law firms need to explore all aspects of data security, but in particular, persistent, data-centric security in the form of Enterprise Digital Rights Management if they want to collaborate securely and protect their reputation.