Several years ago, we published a short primer for law firms intending to provide a brief discussion of key cybersecurity issues, including some helpful steps for safeguarding the client personal and confidential information they maintain. Since then, attacks against firms have increased, ethical rules are tightening, and clients are growing concerned. In at least one instance – and likely more to follow – client concerns resulted in litigation between firm and client over the adequacy of the firm’s cybersecurity safeguards.
We updated that primer (download here). We also prepared a two-part webinar series to help firms think through their cybersecurity risks. Part One provides an overview of the legal, contractual and ethical risks firms face. Part Two discusses some best practices for navigating client service agreements, breach response and assessments.
The recent global ransomware attack should spur all organizations to think about what they are doing to safeguard their systems and data. Of course, doing something now and leaving those efforts on the shelf is not the right approach. The process of evaluating risks and implementing steps to address those risks is ongoing.