The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/80353
Ask The Expert: Information Security: A Universal Concern is to deliver this set of standards and help reduce both the cost and time needed to implement them. Matt: I think LegalSEC has the chance of being the best thing ever to happen to law firm security. It's taking a very practical look at a hard set of problems and fitting it to exactly what the law firm needs to do to stay secure. _________________________________________________________ Why should lawyers and firm management care about investing in firm security? Jeff: A single security breach in an organization can severely damage its reputation. Since reputation is among the biggest assets a law firm has, it is very important to maintain it. Hackers have been targeting law firms specifically for the last few years, as the legal profession has been relatively lax in security controls. There have been a few examples of this activity in recent months, where client files are stolen to gain a competitive advantage or to help facilitate insider trading. Annette: Clients want to know what the firm's security practices are and how well their information is protected. It has become a point of competitive advantage. If you can't prove your security protocols are up to par, clients will go elsewhere. If you can't prove in an audit that you're not doing anything inappropriate, you're going to lose clients. If you're not properly investing in security, it could result in not being able to show compliance with regulatory obligations. And, as Jeff mentioned, if there's a data breach, that's a real concern in terms of the firm's reputation. Clients could think twice before they come to you. Tom: It's simple — for the same reasons they lock the doors on their houses and lock the doors on their cars: to protect their property and their investments and to protect their revenue and their income. Puckett & Faraj in Virginia learned that lesson the hard way. They were attacked in February by Anonymous for defense work they were doing and had to shut down because of the attack. Security is at the heart of what we do. Matt: Tom hit the nail on the head. The scariest reason is probably the best one: Most businesses that have serious security breaches tend to go out of business. Luckily there haven't been too many instances of this in the legal sphere yet, but I fear they're coming. At the core of what we do is keeping secrets for clients, and if we can't do that, then we probably don't deserve their business. We need to invest a lot of time and energy and, frankly, firm money to avoid serious security problems. Brian: It is what our clients want. It is what our clients need. Why else are we here? Peer to Peer 115