Gone are the days of naively assuming our confidential data is secure. Increasingly, clients, stakeholders, regulators and others are demanding proof that firms are actively protecting the PII to which they have access, and this evidence is being demanded both before and after security incidents. It is imperative law firms have the positions and processes in place to handle security incidents with urgency, accuracy and completeness.
