The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/411912
PEER TO PEER: THE QUARTERLY MAGA ZINE OF ILTA 70 FEATURES It is not a matter of whether you will experience a data breach; it is a matter of when you will experience one. An incident response program can enable your cybersecurity program to recover quickly from incidents and mitigate the potential for reputational and financial harm. TYPES OF ATTACKERS In the past, when people thought about their computers and networks being attacked, they often pictured characters from TV shows with dark sunglasses, wearing all black and boasting to their friends about their exploits. But in the modern threat landscape, attackers are typically motivated by financial or political concerns rather than by bragging rights. Attacks can come from inside or outside your walls, and you need to know the types of threats you will likely face. • Insider Threats: The human capital in a law firm is its biggest asset but is also its greatest risk. Once inside and authorized on a network, employees have a wide range of access to information and resources. Insiders can take data, use technical resources against company policy or even use the firm's email system to harass people. In addition, third parties such as contractors or vendors with access to firm resources and insight into firm operations can often be a blind spot in the threat landscape because they may not be monitored as closely as internal personnel. • External Threats: Many kinds of external attackers pose threats to computers and networks, from the simplest automated scanning bot-nets to so-called script kiddies (unskilled individuals exploiting known vulnerabilities with little understanding of what they