Cybersecurity In the Legal Space: Is Your Organization Prepared? [Law Journal Newsletters]

  • September 6, 2019
  • by Sundhar Rajan

Organizations that continue to be complacent about data security ignore the considerable risks posed by a breach: extended downtime, loss of billable hours, destruction or loss of sensitive data and work product, and the potentially catastrophic costs associated with repairing the damage — both to their technology infrastructure and to their reputation and brand.

Despite numerous reports of data breaches at law firms over the past decade, a warning from the FBI that hackers are specifically targeting international law firms, and increasing pressure from clients to address cybersecurity concerns, legal services providers, on the whole, have so far failed to respond adequately to the scope and urgency of the problem. The ABA’s 2018 Legal Technology Survey Report reveals that only about half (53%) of lawyers say their firms have a policy to manage the retention of information/data held by the firm, only 25% of respondents report having an incident response plan, and an astonishing 29% report having no security policies at all.

As a measure of basic cybersecurity preparedness by legal professionals, these numbers are alarming. Organizations that continue to be complacent about data security ignore the considerable risks posed by a breach: extended downtime, loss of billable hours, destruction or loss of sensitive data and work product, and the potentially catastrophic costs associated with repairing the damage — both to their technology infrastructure and to their reputation and brand.

Getting Serious About Cybersecurity

It is commonplace in security circles to say it’s not a matter of if your organization will experience a breach — it’s a matter of when. So how should law firms and legal departments prepare in a way that’s commensurate with the risk? First, they need to understand that an effective cybersecurity program can’t focus exclusively on preventing attacks or other forms of data loss; having a detailed incident response plan for the mitigation of breaches once they happen is equally, if not more, important. A purely defensive posture is almost certain to fail.

To read the full article, visit LawJournalNewsletters.com.

 

Keep reading on Law Journal Newsletters

Give Casepoint a try

Why not see first-hand how Casepoint is revolutionizing eDiscovery?
Let us give you a tour.

Request a demo Any questions? See our FAQs or give us a call.