2021 did not turn out the way many of us had hoped. Best-laid plans to “return to normal” were postponed numerous times due to multiple waves of COVID-19 outbreaks and new variants. The steady frequency of ransomware attacks in 2020 continued into 2021, highlighting the serious ongoing threat cyberattacks pose. The most frequent client requests this year included assistance with the ransom “pay-no pay” decision tree, OFAC compliance, and ransomware playbooks. The war in Ukraine and the responsive government sanctions have already increased interest in these topics, and we expect that to continue through 2022.
Despite these challenges, our clients continue to be resilient and more strategic in their approach to security than in the past. Clients are taking time to understand the best steps to secure their networks, and are relying on the information learned from others’ mistakes to guide their approach. Most significantly, perhaps, clients are becoming more nimble in their approach because of the constant evolution of technology and the legal landscape.
The Digital Assets and Data Management (DADM) Practice Group is in its third year of existence at the firm. The pandemic time warp we have been in makes it seem like we have been in existence forever — and that is because the seven teams that comprise the practice group work so well together to support our clients’ interests in the data life cycle. We now have several clients who utilize all seven teams to support their enterprise risk. Although the focus of this Report remains consistent with prior years, we have continued to broaden the topics and analysis to address the issues that the seven practice teams focus on: incident response, healthcare privacy compliance, global privacy issues, blockchain technology, non-fungible tokens (NFTs), truth in advertising, and emerging regulatory trends. We are excited to soon launch a new digital platform version of the DSIR Report that we plan to update throughout the year with real-time data to help keep you informed of trends.
Last year, I addressed the firm’s diversity, equity, and inclusion (DEI) efforts. One reader questioned why this topic was included in this Report. Let’s be clear: while conversations around DEI may be uncomfortable, they must occur. Being open about our efforts promotes conversations both inside and outside of our organization — that’s the way we improve and do better. In 2021, BakerHostetler announced it is participating in the Mansfield Rule 5.0 Certification process. The goal of the Mansfield Rule is to boost the representation of historically underrepresented lawyers in law firm leadership. Under the Mansfield Rule, BakerHostetler will commit to tracking and measuring that we have affirmatively considered at least 30% women, lawyers from underrepresented racial and ethnic groups, lawyers with disabilities, and LGBTQ+ lawyers for top leadership roles, senior-level lateral hiring, promotions into the equity partnership, and participation in client pitch meetings. The DADM Group continues to lead the way in this initiative. Currently, over 50% of our practice group is comprised of female lawyers and approximately 30% are persons of color or LGBTQ+. Our work is not finished and we intend to continue our efforts to attract, retain, and find a successful path upward for underrepresented minority groups. Thank you to our clients and the vendors we partner with for all of your support. We hope you enjoy this edition of the DSIR Report and we welcome you to contact our DADM group members with questions or suggestions.