Phillips Nizer has hired Patrick Burke, founder and former deputy superintendent of the Office of Financial Innovation in the New York State Department of Financial Services, as a partner and head of the firm’s data technology and cybersecurity practice.
“As the regulator in charge of oversight of New York State’s cybersecurity and virtual currency regulations for much of the financial services sector, Patrick is a unique leader in the data technology and security fields,” Marc Landis, managing partner of Phillips Nizer, said in a statement.
Burke has also practiced in the New York offices of Linklaters, Reed Smith, Seyfarth Shaw, and Bennett & Samios, and has held in-house counsel roles at technology firms nMatrix and Guidance Software. He has taught extensively in the fields of computer forensics, e-discovery, and information governance at the Benjamin N. Cardozo School of Law.
During his time with New York’s DFS, Burke oversaw cybersecurity examinations administered to registrants and implemented rules and regulations pertaining to virtual currency.
“At the DFS, I supervised a program where we sent teams into banks and insurance companies to see whether their protocols were up to snuff and in compliance with New York State cybersecurity regulation,” Burke said. “I got to look at a lot of different entities and assess how they were doing and whether they were improving their systems and procedures or not.”
Burke said corporations, funds, and financial institutions have a growing need for increasingly specialized legal services as some states and jurisdictions become more vigilant—and stringent—with regard to data protection and cybersecurity regulations. For example, California is highly regulated, particularly when it comes to consumer data privacy.
In addition, the danger of hacking is particularly acute because so many corporations and financial institutions still rely on information systems designed and assembled two or three decades ago, making them ripe targets for hackers looking to steal data, Burke said.
“The information systems put together 20 or 30 years ago weren’t built for security. Now we’re patching it all up, but it takes a lot to protect the data, both from the point of view of data storage and teaching employees not to click on certain links and be phished,” he said.