Global law firm Goodwin announced today the creation of a Chief Information Security Officer (CISO) position, and the appointment of Scott Kopcha to the role. As CISO, Kopcha, who previously served as the firm’s Managing Director of Information Security, will oversee all aspects of the firm’s global information security strategy, architecture, governance, and risk mitigation as CISO. He reports to Goodwin’s Chief Operating Officer, Michael Caplan.
“As the pace of technological innovation continues to accelerate, information security has come into a sharp focus for our clients, our industry, and our firm, and we are scaling our operations accordingly,” said Mark Bettencourt, Goodwin’s Managing Partner. “Scott is one of the sharpest information security professionals in the industry. His extensive institutional knowledge coupled with his technical skillset will continue to be an invaluable asset to our clients and our firm.”
“Goodwin already has one of the top data security teams in the industry,” said Caplan. “Under Scott’s leadership, we are re-doubling our commitment to information and cybersecurity as we continue to support clients through the practice and business of law.”
Kopcha brings more than 20 years of information security experience to his CISO role. Before joining Goodwin in 2013, Scott designed and executed best-in-class information and data security programs at WilmerHale. Prior to that, he was a product manager at Janus Associates where he received patents for his work with biometric authentication platforms.
As Goodwin’s CISO, Kopcha will be responsible for security operations, regulatory compliance, cyber risk and cyber intelligence, client consulting, data loss and fraud prevention, security architecture, identity and access management, program management, investigations and forensics, and governance.“Supporting clients through a rapidly evolving threat environment and regulatory landscape is a top priority for Goodwin,” said Kopcha. “I look forward to working across the firm and with our world-class Data, Privacy & Cybersecurity practice to proactively advance our clients’ and our own security infrastructure and technology.”