Published on:

A possible RFP question: what has your firm done to protect against hackers?

It is too easy to adorn RFPs with questions that do not in the crunch make a palpable difference to the in-house counsel who evaluate the RFPs and choose firms. Experience, depth of talent, subjective impressions of quality, and cost structure easily and consistently push other considerations out of the ring.

Even so, as I read in the ABA J., Sept. 2010 at 27, about threats to the network security of law firms, the possibility came to me that law departments will start to ask about defensive measures taken by firms. A question to firms that receive RFPs about steps they have taken to protect the client’s data from hacker attacks might provide a basis at the margin for choosing one firm over another.

Posted in:
Published on:
Updated:

One response to “A possible RFP question: what has your firm done to protect against hackers?”

  1. Brett C. Don says:

    Rees:
    I would expect to see these questions in RFPs as well. They are already appearing in some outside counsel guidelines and client Data Privacy questionnaires. There is an opportunity here for outside counsel to take a proactive approach by identifying the common questions/requirements and incorporating them into the Firm’s Information Security Strategic Plan. This way the Firm can not only meet the requirements of current clients but will be well-positioned for RFPs and future client requirements.
    Cheers,
    Brett