From the June 2018 issue

Are you covered? Cyber insurance market is highly unstable and lacks uniformity

As cyberthreats evolve and proliferate, more insurers are expanding options to help law firms mitigate loss. However, without industry standards, coverage and cost vary from plan to plan, sometimes causing gaps in potential coverage.

With a single click, a law firm can be brought to its knees. On May 22, 2015, an employee at Moses Afonso Ryan, a small business-law firm in Providence, Rhode Island, opened an attachment in an email from an unknown source. Within a short time, every document and device on…

May 14, 2018

Yes, there’s an email encryption vulnerability; no, you (likely) don’t need to freak out

European security researchers have released a warning regarding a vulnerability in PGP and S/MIME, a form of encryption used in email. While the researchers and the Electronic Frontier Foundation recommend that users of the technology disable it, this likely affects few law firms. The vulnerability, which is being called “EFAIL,”…

From the May 2018 issue

How can lawyers find cybersecurity solutions that work for them?

Anna Stolley Persky

Lawyers don’t have to break the bank if they wish to be protected from cybertheft. But that doesn’t mean they can afford to be cheap in selecting security products and services.

As this yearlong series has already covered, lawyers and law firms are sitting on valuable information that could be worth billions to cybercriminals. Additionally, this country loses hundreds of billions annually due to stolen intellectual property. With so much money at stake, perhaps it’s little wonder that the cybersecurity industry…

From the April 2018 issue

Lawyers have an ethical duty to safeguard confidential information in the cloud

Remote storage and other internet-enabled technologies can create unique ethical quandaries for lawyers. With changes to ethics rules reflecting technology’s role in the profession, many find the prevailing reasonableness standard difficult to interpret.

With a funeral home in ashes and an insurance company refusing to pay benefits, the last thing you’d expect to hear about is online security and the cloud. But that’s exactly what happened in 2014 when the Holding Funeral Home lost a building in Castlewood, Virginia, to a fire and…

March 7, 2018

Law firms need to understand their ‘threatscape’ and be vigilant about cybersecurity

ABA Journal legal affairs writer Jason Tashea appeared on The Guardian Podcast about the ABA Journal's yearlong cybersecurity series, Digital Dangers. Tashea’s 20-minute conversation with with business podcaster Ryn Melberg covers stories that Tashea has written, like how law firms are using tabletop simulations to assess the threats they face…

From the March 2018 issue

Cyberthreats 101: The biggest computer crime risks lawyers face

Mary Ellen Egan

Cyberattacks are on the rise, both in the number of incidents and the costs associated with the attacks. Hackers use the same methods regardless of firm size or data collected.

Last March, attorney Jeffrey Wicks was being held at digital gunpoint. Wicks—head of a small firm handling criminal defense and civil and family law cases in Rochester, New York—was being extorted by cybercriminals who were holding his firm’s data for ransom. Wicks had apparently opened an email attachment that locked…

February 28, 2018

What’s actually happening when a cryptocurrency gets hacked?

In late January, the Japanese cryptocurrency exchange Coincheck was hacked, costing 260,000 users over $530 million in NEM, a cryptocurrency similar to bitcoin. This is the largest hack of its kind, but not the first. The previous record holder for largest crypto-heist was Mt. Gox, another exchange that saw $450…

February 22, 2018

SEC issues new guidance on cybersecurity disclosure

The Securities and Exchange Commission released new guidance calling for public companies to be more transparent regarding their cybersecurity risks—both before and after an attack. “[T]he Commission believes that it is critical that public companies take all required actions to inform investors about material cybersecurity risks and incidents in a…

February 12, 2018

97% of cybersecurity leaders are evaluating vendor security, including law firms, says new survey

Ninety-seven percent of corporate cybersecurity leaders say they formally evaluate the security practices of vendors, like law firms, according to a new survey. Released Feb. 8, the report, titled “The Shifting Cybersecurity Landscape: How CISOs and Security Leaders Are Managing Evolving Global Risks to Safeguard Data,” explores the role of…

From the February 2018 issue

Simulations test law firm system security

As technology evolves, threats and vulnerabilities evolve, too. To not be caught on the back foot, firms are using simulations to find vulnerabilities and build or bolster their cybersecurity systems, as well as cultivating firmwide culture change to train employees.

Last fall, MacKenzie Dunham was a law student working at a personal injury firm in Houston when one of the firm’s two partners called the office to say their car had been broken into and he would not make it in. Not worried, the partner mentioned that among his stolen…