P2P

16 P E E R T O P E E R : I L T A ' S Q U A R T E R L Y M A G A Z I N E | F A L L 2 0 2 2 items, the firm has lost control, chain of custody, or, in a word, governance. When the scanned image gets used, it gets worse. For example, what happens when copies get different file names and annotations? Which receiving party files it into the document management system? How do we ensure another recipient doesn't file it as well? Each copy of each scanned mail item is subject to the behaviors and schedules of the entire base of mail recipients. Again, no governance. Email Is the Weakest Link Why should a law firm double-down on a digital mail delivery mechanism that has always been the number one target for cyber-criminals and the number one technology for user errors that have led to costly mistakes? We've just discussed how scanned mail PDF attachments end up disbursed in the email system. And don't forget, there is no way to know what is in those PDF attachments coming out of the mailroom, so the exposure is raw. If a mail item is intercepted or sent to the wrong person, it will be unclear what was exposed. It gets worse... By "training" attorneys and staff to receive and open unnamed PDF attachments, this is reinforcing the specific user behaviors that cybersecurity experts warn against. Email has always been the weakest security link—but it has actually become progressively worse since the shift to hybrid operations. In 2020 - 2021, there was a 64% rise in threat volume of malicious email attacks 1 and employees clicked on 3x more malicious emails than they had ever before, 2 and the average cost of a data breach increased by $1.07 million due to remote work. But that's not all... When it comes to data breaches, insiders—not outside actors --are the most dangerous. 3 Email, as we know, is vulnerable to the human error of 'wrong recipient' – sending the wrong user the wrong message. According to the research, 58% of people have sent an email to the wrong person while at work, with 20% of recipients stating that this action has lost their company business. What may be surprising is that, 88% of today's data breaches are caused by human error. And then there's privacy—and email is simply ill- suited for modern privacy compliance requirements. Digitized inbound paper mail from clients is likely to contain protected information such as personally identifiable details which must be handled in compliance with an increasing set of complex privacy regulations. These regulations include General Data Protection Regulation (GDPR) and California Consumer Protection F E A T U R E S 1. Mimecast State of Email Security Report 2021 2. Mimecast 3. https://www.cybertalk.org/2021/12/02/alarming-cyber-security-facts-to-know-for-2021-and-beyond/ 4. https://www.commerce.senate.gov/2022/6/house-and-senate-leaders-release-bipartisan-discussion-draft-of-comprehensive-data-privacy-bill 5. ILTA Tech Survey

• Cover