No one can deny that security in the legal profession is of the utmost importance. It is a universal concern that affects attorneys, staff and clients, especially with the increase in malicious attacks to gain access to the valuable data stored within the enterprise. What risks are organizations facing, and how do you make sure you don't fall prey to today's threats? ILTA sat down for a "virtual roundtable" with five member thought-leaders to get their ideas about information security. Each person's interview can be heard in its entirety on the accompanying podcasts.
What security issues are universal across the legal profession?
Jeff Kunz: The legal vertical faces nearly all of the same security issues as the rest of the world. Mobile device security, advanced persistent threats, regulatory compliance, etc. — all on (typically) a much leaner budget than corporations.
Brian Clayton: It's always been our duty to protect client confidences. This has not changed, but it has evolved. Security is always a tough sale, even with lawyers, because it is in direct conflict with ease of use and simplicity. Social media, Dropbox- like technologies, hackers — all of these and more are risks for
attorneys and their firms, regardless of size or location. Today's challenge is how to catch up to the consumerization of technology, control its use and vulnerabilities, yet still keep up with clients who may not have such controls placed on them.
Matt Kesner: Security issues mostly sit in two categories: keeping the bad guys away from our secrets and being aware of the changing legal environment, not only in the U.S. but all around the world.
Annette Urquijo: Hacking is a big issue. The FBI recently warned that more firms are being targeted because they're seen as easier targets than their clients. Another threat is business interruption,
Jeff Kunz
Jeff Kunz is a Security Engineer at Foley & Lardner, LLP. He has been in the IT field for 17 years, with a focus on information security for the last seven. Jeff's specialty is in offensive security — penetration testing, exploit development, reverse engineering and vulnerability assessment. He can be contacted at jkunz@foley.com.
Annette Urquijo
Annette Urquijo is a Risk Manager at DLA Piper in Australia. She has worked for various international firms as part of global risk management teams during the past five years, where she has focused on implementing procedures to protect client confidentiality, developing information barriers and addressing general client intake issues. Prior to that, Annette worked in private practice as a litigation attorney and senior associate for several years. She can be contacted at annette.urquijo@dlapiper.com.
Peer to Peer
109
