The question about a cyber incident is not if, but when. Sooner or later, one hundred percent of companies will be breached. For those of us not good at math, that means all of us. Yet we still tend to operate under the illusion that what we write is private; what we store is seen by intended eyes only; and where we travel is known only by those of us following the GPS.
Breaches are potentially a bigger problem for law firms in general than for most other businesses, if only because of the strict confidentiality that governs lawyer/client relationships.
For midsize law firms, “security” is a multifaceted challenge. After all, the toughest part of the midsize sales pitch is convincing clients that, despite smaller sizes and lesser resources, they are a “secure” alternative to Big Law. The “safety sell” by which their large-firm competitors maintain significant advantages on the market is very simple: bigger equals safer.
As part of an ongoing series of articles in different publications – this time in the American Lawyer’s Mid-Market Report – on cyber hygiene for law firms, general counsel, maritime and other industries and sectors particularly hard hit or vulnerable, we provide a guide, in this case for the midsize law firm. The best practices in prophylaxis are to prevent attacks and response protocols to minimize reputational damage if and when breaches do occur.
Enjoy the read. Forewarned is forearmed.