From Vendor Dependent to Crisis Ready

When a law firm’s MSP/MSSP is suspected of compromise, you don’t get a single incident. Instead, you get a multi-party one that crosses firm-provider-client boundaries. Privilege, decision rights, and even the communication channels themselves can be at risk.

This session seats all three parties in the same room—outside counsel, corporate clients, and the providers law firms rely on—to walk a provider-compromise storyboard and convert it into a repeatable playbook you can use with your own ecosystem.

In this session, we cover:

• How to structure joint firm-provider-client tabletops (roles, injects, evidence handling, success metrics).
• Privilege-preserving operating patterns directed by counsel (what stays in ordinary course vs. legal advice; documentation that stands up).
• Minimum-viable out-of-band communications (E2EE, role scoping, immutable audit without content exposure, rapid onboarding of externals).
• Decision frameworks for “who leads what”—when to split tracks, when to act jointly, and how to report up and out.
• Templates (inject packs, comms decision trees, readiness metrics) you can adapt immediately.

• Methods for recognizing early signals that justify shifting sensitive communications off the production network.
• Strategies in protecting privilege under pressure through outside-counsel constructs, evidence preservation, and defensible audit trails.
• Guidance for making practical decisions on vendors, zero-trust access, and public statements that won’t backfire.