Cybersecurity and Ethics: Assessing Risks and Understanding Responsibilities
by David Myers, JD | Cybersecurity & Technology Lawyer
Lawyers should be on high alert regarding cybersecurity. Recent high-profile breaches have brought attention to law firms as valuable targets of cyber criminals. The Panama Papers constituted the largest leak ever. The Panama-based firm of Mossack Fonseca had about 11.5 million documents and 2.6 TB of information stolen. The people implicated in this breach include many rich and powerful world leaders. In March 2016, it came to light that some of the largest law firms in the United States were hacked, including Cravath Swaine and Moore, LLP, and Weil Gotshal and Manges LLP. There were many more firms hacked, but these two stand out because they are huge and have far more resources than the small and midsize firms. Hackers now realize that law firms of all sizes hold volumes of valuable client data.
All lawyers, from mega firms to solo practitioners, need a refresher course on cybersecurity. This article provides a high-level review of the legal and ethical obligations business and estate planning attorneys face in today’s digital world, and reviews some recommended practices to minimize small firm cybersecurity risks.