Hello and welcome back to Inside Track. I’m Rebekah Mintzer, In-House Editor at Law.com.
Last week we wrote about about the very real cash that GCs are making, as we released our 2018 GC Compensation Survey. This week we discuss a different kind of money–cryptocurrency–and how GCs are saving it up to pay off hackers. Should they really be doing that, though?
Also, we look at one GC’s struggles with GDPR compliance and the latest and greatest Uber legal department hire.
Paying Off Cybercriminals? Don’t Do It!
A report from Code42 published last week showed that human emotions pose a great cybersecurity risk for companies. Another stat that caught my eye? A majority of chief information security officers surveyed are actually prepared to pay out hackers in the event they are hit with ransomware. I posed some questions to Joseph Facciponti, a partner at Murphy & McGonigle, who was formerly in-house at HSBC, about why this is.
Stockpiling Crypto. The survey indicated that 73 percent of chief security officers are squirreling away cryptocurrency in case hackers take over their servers and demand the company pay a ransom.
This didn’t surprise Facciponti, who’s a former federal prosecutor. He said that cyber criminals often ask for some kind of cryptocurrency because this is “perceived as being untraceable, or at least less easily traceable, than wire transfers of traditional currency.”
Big Mistake. It doesn’t “pay to play,” according to Facciponti, since there’s no guarantee hackers will hand the data over. “Often the attackers simply take the ransom and disappear, or demand even more money before releasing the data,” he said.
Facciponti further said payoffs only encourage additional attacks. “The best way to respond to a ransomware attack is to not get infected in the first place, which is why in-house counsel should insist that their businesses invest in robust cybersecurityprograms that include employee training and maintain backups of their critical data,” he said.
Got GDPR Problems?
My new colleague Phillip Bantz got a great interview recently with John Boswell, the chief legal officer of SAS Institute. Boswell opened up about the troubles he’s seen around compliance with the European Union’s General Data Protection Regulation. Here are some highlights from that interview…
▶ Under the GDPR, European employees can call their companies and request data held on them, and SAS employees overseas are doing just that. According to Boswell they’re asking for everything, including reports on their progress intended for management’s eyes only. Boswell said this could be a “backdoor way of getting discovery in litigation with a disgruntled employee.”
▶ SAS used “secret shopper” tactics to test its GDPR readiness, and asked spouses and assistants of employees to call in posing as “European employees” to request their data. Turns out many SAS employees failed the test as they weren’t able to follow the set process to handle these calls.
▶ To some extent, Boswell is still waiting to see how tough the EU will be on enforcement and what sorts of violations will catch the eye of regulators. “Right now every company in the world is out of compliance with the GDPR in some way,” he said. “The only question is, how bad is OK?”
Have any stories for us around the trials and tribulations of GDPR? How about tips or best practices that have worked for you? Get in touch with me.
An Internship to Remember
Summer Fun. Everyone knows about the programs law firms run for summer associates. But how about what goes on at legal departments? In-house reporter Caroline Spiezio took a peek this week at how some of Silicon Valley’s biggest names, like Google, Cisco, Adobe and NetApp, are recruiting “summers” of their own from law schools to give them a taste of law department life (and perhaps even steer them in that direction after graduation).
How it Works. There are several different models of summer law department internship, Caroline reports. Cisco, for instance, has a program through the Institute for the Future of Law Practice that puts students through an in-house boot camp,then offers them 10-week or seven-month internships. Adobe offers a 1L Diversity Scholarship, that allows interns to spend time both at the legal department and at partner law firms, Perkins Coie and Arnold & Porter Kaye Scholer.
A Different Vibe. There’s a broad consensus that law schools don’t focus much on prepping students for future in-house careers. That’s where these companies and their internships can help. As Matt Fawcett, general counsel of NetApp, told Caroline. “I think one of the important things is to make it clear for students, to be transparent about what in-house practice is like, because to me it’s not just a different version of working at a law firm. It’s a different practice entirely.”
Wednesday, August 22. Mark your calendars, Global Leaders in Law will hold a session titled “The Changing World of Global Trade” in Tokyo. GLL is an invitation-only membership group offering GCs a global platform for in-person collaboration to exchange ideas and receive advice and guidance from peers. For more information, contact Meena Heath at email@example.com.
Thursday, September 13-Friday, September 14. Prominent in-house lawyers will meet to discuss disruption and the changing role of GCs at Corporate Counsel Forum Europe 2018. The conference, which is co-chaired by two prominent general counsel, Sabine Chalmers of BT and Phillip Bramwell of BAE, will take place in the U.K. at Pennyhill Park, Surrey.
Wednesday, September 26- Thursday, September 27. GCs from all over the country and beyond will gather in New York at the General Counsel Conference. Expect to hear about risk and regulation, executive leadership strategies, cybersecurity and technology and much, much more. Speakers include top-level in-house lawyers from AIG, AT&T and News Corp.
Wednesday, September 26-Thursday, September 27. Or if you’d prefer to network and learn from GCs in the hedge fund space, you might want to attend the Hedge Fund General Counsel and Compliance Officer Summit in New York. Panels include a discussion on AI and machine learning for hedge funds as well as on discussions about corporate governance and regulatory examinations. Thursday, October 4-Friday, October 5. Where can you find a group of high-powered female in-house legal leaders getting honest about the challenges that women face in the profession? Check out Women, Influence & Power in Law, a summit in Washington, D.C. this fall. There are sure to be plenty of educational and networking opportunities, and speakers include big time in-house leaders from Pfizer, MetLife, Hewlett-Packard Enterprise and more.
On the Move-
IPO Master. By the end of next year, Uber executives have said the company will file for an initial public offering. The company took a big step toward that IPO this past week with the hire of Keir Gumbs as associate general counsel, corporate transactions, and deputy corporate secretary, replacing Todd Hamblet. Gumbs, the latest member of the powerhouse legal department being constructed by new-ish Uber CLO Tony West, is a Covington & Burling partner who specializes in securities, corporate governance and transactional work.
Those who watch Uber as closely as we do may note that Gumbs isn’t the company’s only Covington connection. Tammy Albarran moved from the firm to Uber in March to become deputy GC and along with Covington partner Eric Holder, Albarran helped write the famous “Holder Report” on cultural problems at the company. That was the report spurred by Susan Fowler Rigetti’s scathing blog post that called out alleged sexual harassment and discrimination at Uber.
In Other Moves…
Charged and Ready. Electric carmaker Faraday Future announced a major hire recently. The company, which just landed a massive $2 billion investment, has brought on Henry (Hong) Liu as global chief administrative officer, global executive vice president and global general counsel. That’s a lot of “global.” But it makes sense for a company that is trying to bring its vehicles to market in both the U.S. and China. Liu is a former GC at the China Securities Regulatory Commission, and has worked at Mayer Brown, among other global firms.
A New Chapter. Last week, Bankruptcy Management Solutions, a Californiacompany that claims to be the first to provide software for automating the administration of Chapter 7 bankruptcy cases, named Christopher Updike as its new GC. Updike is a former attorney at Debevoise & Plimpton as well as Cadwalader who has a background in complex corporate restructurings and bankruptcies.
Double Trouble. Why have one GC when you could have two? Hearst Publications decided to name two new legal leaders this week to share duties as co-GCs. The publisher promoted Jonathan Donnellan and Mark Redman, two deputy general counsel complimentary backgrounds. Donnellan focuses on First Amendment Law and litigation, while Redman has a transactional law specialty. They replace Eve Burton, who got bumped up to the CLO role in February.
Setting a Benchmark. This week, Benchmark Electronics, a manufacturing, engineering and design company, brought on Steve Beaver as its newest legal boss. Beaver, who formerly worked at Bryan Cave and at Aspect Software, among other companies, will have a global legal purview at Benchmark, which has offices in the U.S., Mexico, Europe and Asia