The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/938151
10 PEER TO PEER: THE QUARTERLY MAGAZINE OF ILTA | WINTER 2017 BEST PRACTICES Keeping Your Firm Out of Cybersecurity Headlines information on a case litigation strategy? Such a breach could result in the loss of both case and client, a loss potentially in the millions that could put you out of business. » Train all staff, from senior partners to administrative assistants, on good security practices, including how to recognize (and not click on) phishing e-mails. The LOGICFORCE survey found that only 22 percent of law firms had a documented cybersecurity training program for employees. Only 29 percent of the firms with training programs held them at regularly scheduled intervals, and only 42 percent made them mandatory for their aorneys. Know and understand what regulations apply in your practice areas (such as the New York regulations for firms in financial services) and customize your training accordingly. » Use encryption wherever appropriate. Deciding what is appropriate requires looking carefully at your data, its level of sensitivity and what type of encryption is most effective. » Secure new services. Competitive pressure is driving law firms to offer new online services such as web portals and virtual private networks to meet client need for information on demand. Such services can also create new ways for hackers to break into your network and access data, so make sure that your security/risk team reviews all new services for vulnerabilities. » Thoroughly vet the security of third-party service providers, including cloud service providers. Understand where they store your data, whether and how it is encrypted and what security standards and certifications the provider meets. » Make sure systems and soware are patched and up to date. Conclusion In hindsight, 2017 may prove to be a turning point in law firm cybersecurity and become noted as the year when many firms made cybersecurity a top priority. Whatever history tells us about 2017, you can determine to significantly lower the chances of your firm making headlines in 2018. The very visible damage from data breaches combined with increased demands by clients for improved security makes a convincing case for investing to protect your data and your business. P2P DAVID LEVINE David Levine is Vice President of Information Security & CISO for Ricoh USA, Inc. Levine chairs Ricoh's Security Advisory Councils and HIPPA Board of Directors, leads Ricoh's Global Virtual Security team and is routinely engaged in customer opportunities to discuss risk and security. He holds a Bachelor of Arts degree in Information Systems with minors in Computer Science and Business from Eckerd College.