Watch this session here!

Cybersecurity breaches are no longer a matter of “if,” but “when.” For law firms, a breach is not simply a technology failure, it is an ethical and professional responsibility event with significant legal, regulatory, and organizational consequences. Professional services firms continue to account for a large percentage of cyber insurance claims, and evolving cyber threats require more than strong IT systems. They require leadership, supervision, and a clear understanding of professional obligations. Using the NIST Cybersecurity Framework as our guide, this program examines the full lifecycle of a breach — Identify, Protect, Detect, Respond, and Recover — through the lens of ethical responsibility and risk management.

This session will explore:

• The duty of technological competence and its connection to professional responsibility

• Ethical obligations to safeguard confidential client and employee information

• Malpractice exposure and grievance risks associated with inadequate cybersecurity

• Ethical considerations in breach response, including notification obligations and remediation

• Governance and leadership responsibilities during recovery

Participants will leave with practical strategies to reduce ethical exposure, strengthen compliance, and build defensible response plans that protect both clients and organizations.