NEW YORK, November 14, 2016 – Spurred by the growing and often contradictory cybersecurity regulatory burden facing companies, Thomson Reuters, Pillsbury and FireEye have formed an industry- first collaboration to help corporations meet new regulations and manage risk related to cybersecurity. This alliance affords institutions expertise and resources from a holistic, multi-pronged approach to cybersecurity risk assessment and due diligence that combines legal counsel, technical assessments and legal managed services to help meet a variety of internal, external and regulatory standards.
As targeted attacks become more sophisticated, complex and commonplace, organizations cannot rely on the patchwork of industry standards to use as a base for their cybersecurity or risk management program. Each organization should determine its own risk and address any issues or concerns before a problem arises. However, even a casual review of the news shows that many organizations are not meeting this seemingly minimal obligation with widespread success.
The alliance between Thomson Reuters, Pillsbury and FireEye provides the resources and guidance organizations can rely upon to help manage cyberrisk, especially as additional regulations in this area expand and evolve. Pillsbury, a leading international law firm, will help companies navigate the myriad regulations, standards and guidelines they face as well as provide them with legal counsel related to compliance and risk management. The Thomson Reuters Legal Managed Services team will leverage its experience and efficient processes to review contracts and agreements with third-party suppliers and assist in implementing key changes to such processes or agreements advised by Pillsbury. FireEye, an industry-leading cybersecurity company, will perform the technical risk assessments, advanced testing and response readiness to help each organization’s defense posture match the threats to their specific industry and operations.
“Cyberthreats and the regulations created to counter have grown incredibly complex,” said Brian Finch, partner and co-chairman of Pillsbury’s privacy, data and cybersecurity practice. “With that in mind, it is essential to bring multiple perspectives and skill sets together in order to attack the problem. The recently released cybersecurity regulations from the New York State Department of Financial Services cemented our belief that no one organization can fully assist a company in protecting itself from criminal attack and regulatory obligations. The opportunity to work with industry leaders like FireEye and Thomson Reuters to help companies solve those multiple objectives is a truly exciting one.”
Rich Stegina, vice president of Strategic Partnerships at FireEye, commented, “FireEye provides our clients with a global team of experts that can assess an organization’s cybersecurity situation via a range of pre-breach service offerings specific to the needs and goals of that organization. By strategically partnering with leaders in the legal industry — Pillsbury and Thomson Reuters — we can address the complex cyberthreats that the market and specific organizations are facing.”
Christy Weisner, director of Thomson Reuters Legal Managed Services, noted that a key element to this offering, and any cybersecurity risk assessment program, is the analysis of third-party agreements for gaps and degree of risk. “Our Legal Managed Services group at Thomson Reuters already supports clients across all sectors with ongoing contract lifecycle management and compliance solutions, and this alliance ensures clients receive a comprehensive team to address cyberrisk. Our managed services experts will evaluate each contract that involves client data or information systems and, following Pillsbury’s guidance, assist in renegotiation and redocumentation if needed.”
The Federal Reserve Board, the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency are considering applying enhanced standards to address this issue for a sensitive and critical area of the U.S. marketplace. Additionally, the New York State Department of Financial Services recently issued regulations in “Cybersecurity Requirements for Financial Services Companies.” Covered entities must adhere to a wide range of cybersecurity requirements, including the establishment of a cybersecurity program and ensuring that third-party service providers are holding information in a secure manner.
Thomson Reuters is the world’s leading source of news and information for professional markets. Our customers rely on us to deliver the intelligence, technology and expertise they need to find trusted answers. The business has operated in more than 100 countries for more than 100 years. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges (symbol: TRI). For more information, visit www.thomsonreuters.com.
Pillsbury Winthrop Shaw Pittman LLP is a leading international law firm with offices around the world and a particular focus on the energy & natural resources, financial services, real estate & construction, and technology sectors. Recognized by Financial Times as one of the most innovative law firms, Pillsbury and its lawyers are highly regarded for their forward-thinking approach, their enthusiasm for collaborating across disciplines and their unsurpassed commercial awareness. For more information, visit www.pillsburylaw.com.
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security
operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat
intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and
burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye
has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.
+1.651.687.4091 [email protected]
+1. 212.858.1042 [email protected]
+1. 415.895.2101 [email protected]