According to the American Bar Association, one-quarter of all U.S. law firms have fallen prey to computer hackers and had confidential client data stolen, taken hostage, damaged, or destroyed.
Given the proficiency of modern hackers in carrying out malicious activities and the fact that many cybersecurity incidents go unreported, it’s likely that the actual number of incidents is much higher than what is reported, and therefore, the victim pool is probably much more extensive.
They do, of course, receive a lot of help from technological advances that make them much more efficient and effective at breaking into your computers, phones, and networks to gather sensitive information.
And when I say sensitive information, I’m referring to the sensitive information that the ABA’s Rules of Professional Responsibility 1.6(c) says you’re obligated to protect by all reasonable means possible.
The problem is that it’s becoming harder and harder for you to fulfill this duty. The reason—as mentioned above—is that cybercriminals are getting better and better at wreaking havoc with stolen data.
Mark Your Calendar
What you’ve got is a situation where hackers aren’t going away. Neither is ABA Rule 1.6(c), which together leave you caught in the middle and increasingly vulnerable to cyberattack and the ethics-based legal, financial, reputational, and disciplinary consequences that flow from a successful criminal sucker-punch of your systems.
What can you do about it? My suggestion is to mark your calendar for March 23 at 2 p.m. Eastern (11 a.m. Pacific)—that’s when BobaGuard and Embroker will co-host a webinar featuring noted cybersecurity attorney Peter Berk from the Chicago law firm Funkhouser Vegosen Liebman & Dunn on the topic of cybersecurity and the ethical obligations for attorneys.
I promise you’ll pick up some valuable insights from Peter, who assists clients in preventing, preparing for, and dealing with legal issues and litigation that arise in today’s technology-driven world. He brings to this critical educational event (which you’re not going to want to miss) deep knowledge about navigating the uncertain and turbulent waters of the online world—knowledge that you’ll be able to turn around and use to fulfill your ethical obligations for cybersecurity.
(Peter, by the way, is admitted to practice law in Illinois and to appear before the U.S. Seventh Circuit Court of Appeals as well as the U.S. district courts for the Northern District of Illinois and for the Northern District of Indiana; his firm has for more than 40 years provided comprehensive business-focused legal services for local entrepreneurs and global entities alike while striving to deliver superior accessibility, vision, and expertise to anticipate and address legal challenges of every conceivable form.)
What You’ll Gain by Attending
During the March 23 webinar, Peter will present hypothetical situations and real-life examples to examine the unique implications of cyberattacks on the legal profession and tie those into the applicable ethics rules.
He tells me he hopes to accomplish three things in particular.
First, he wants to give you a leg-up on how cyberattacks are planned. Peter feels that clueing you in on this will help you not only be a step ahead of the bad guys but will also put you in a position to gain a solid competitive edge in your legal practice.
Second, Peter aims to teach you how to safely navigate the potential legal and ethical pitfalls of cyberattacks so that you can better protect your clients—and, by extension, your practice.
Third, Peter will walk you through the minefield of ethics rules that await you pre-, peri-, and post-cyberattack. There are some challenging situations you’ll be confronting at all three stages, and you need to be equipped with the skills to make some hard-edged ethical decisions about them, he says.
Among the specific tips you can expect Peter to offer will be these:
Conduct a risk assessment to identify if your firm has any critical vulnerabilities/weaknesses that could risk your clients’ data privacy.
Get law firm cybersecurity insurance to cover you for the financial impacts of a data breach (these usually include the cost of recovering/restoring data, operational downtime, crisis-management activities, and forensic investigations).
Audit your potential risk areas, then develop a robust law firm cyber security policy and incident response plan that takes these weaknesses into account (the policy and strategy should be designed around your firm’s unique, specific needs and be communicated to your entire staff so that everyone is aware that they share in the duty to be cyber secure and that they know precisely what those duties are).
Use cyber security tools such as spam filters, firewalls (both the hardware- and software-based types), multifactor-authentication login credentialing, password managers (for creating tough-to-crack passwords), and encryption technology.
To join us for this webinar, click this link and complete the short registration form that awaits you. But please hurry—space is limited!