Cybersecurity

349 ABA Journal articles on Cybersecurity.

97% of cybersecurity leaders are evaluating vendor security, including law firms, says new survey
Ninety-seven percent of corporate cybersecurity leaders say they formally evaluate the security practices of vendors, like law firms, according to a new survey.
Simulations test law firm system security
As technology evolves, threats and vulnerabilities evolve, too. To not be caught on the back foot, firms are using simulations to find vulnerabilities and build or bolster their cybersecurity systems, as well as cultivating firmwide culture change to train employees.
Thomson Reuters releases new data privacy research tool
Thomson Reuters has released the Data Privacy Advisor, a web platform that centralizes global legal and regulatory data privacy information.
Traveling lawyers get new protections in device searches at border
Hundreds of American lawyers will be traveling to Vancouver, British Columbia, for the upcoming ABA Midyear Meeting. As they pass through U.S. and Canadian customs, they and their electronic devices can be searched.
What cybersecurity precautions do you take?

Do you use a password manager? Two-factor authentication? The ABA Journal is presenting a yearlong series of cybersecurity stories on the web and our print magazine, and this week legal…

Robert Litt has been out front on online threats for decades (podcast)
Robert Litt has confronted cybersecurity and encryption issues for two presidential administrations. With Russian interference in the 2016 election as a backdrop, Litt, an ABA Journal Legal Rebels Trailblazer, says the U.S. has been facing online threats essentially since the internet's creation.
5 cybersecurity steps you should already be taking
If you have not noticed yet, the ABA Journal is undertaking a yearlong cybersecurity series.
Large law firms’ secret information from big-money clients entice cyberthieves
If personal and confidential data are the currency in today’s electronic world, then law firms are sitting on a gold mine.
Prepare, practice, protect: A strategy for defeating cyberthreats to lawyers

Corporate litigator Jane Doe sat down at her desk Monday morning and logged on to her computer. She opened an email appearing to be from a client that read: “Hi. Could you please take a look at this document? It’s urgent.” Doe clicked on the attachment. Two weeks later, a hacker website published confidential documents that one of her most important clients had given the firm in connection with a lawsuit alleging environmental violations. Doe’s client called, furious, to inform her that she was discharged, and that the client was considering a lawsuit against her firm.

Every week brings news of major new cyberattacks—the stealing of personal information from Equifax and the federal Office of Personnel Management, the Petya and WannaCry ransomware worms, the Russian hacking of the Democratic National Committee’s emails, to name a few. Indeed, the cyberthreat from criminals, hacktivists and state actors is growing. The costs associated with these malicious activities are staggering: Last year, the Commission on the Theft of American Intellectual Property estimated that the annual cost of IP theft in three major categories may be as high as $600 billion and that the low-end total exceeds $225 billion, or 1.25 percent of the U.S. economy.

Digital Dangers logo.

ABA Journal series: Cybersecurity and the law

Law firms have not been immune. In fact, they have been a ripe target:

  • Several major New York City law firms working on public mergers and acquisitions were hacked in 2014 and 2015 as part of a sophisticated insider-trading scheme.

  • In 2012, hackers believed to be linked to the Chinese government obtained confidential documents related to solar panel designs by hacking into a prominent Washington, D.C., firm.

  • A Panama-based law firm was the target of the largest data theft ever by volume: A hacktivist website obtained 11.5 million individual documents stolen from the firm (2.6 terabytes of data), which contained confidential financial information about the firm’s clients.

  • Among the many entities victimized by the Petya ransomware attack this past year was a BigLaw firm that was forced to take some of its email servers offline for an extended period.

Man in front of American Flag

John Carlin

The nature of their work and the resulting sensitive data make law firms enticing targets. Law firms conduct due diligence and internal investigations, negotiate settlements, provide advice on regulatory issues, and handle important contractual negotiations and litigations. In the course of their representations, they often have access to a wide range of confidential client information, including trade secrets and other intellectual property, financial data, business strategies and national security information. All of this can be valuable to criminals seeking monetary gain, to businesses seeking a competitive edge or to foreign intelligence services.

Technology enhances the risk. Records that a law firm once kept on physical pieces of paper in file cabinets now reside on data servers or in the cloud. Lawyers increasingly communicate using mobile devices or email. Firms’ use of a growing number of devices that are connected to the internet—the “internet of things”—creates new vectors of vulnerability. While these developments may have made the logistics of legal practice easier, they have also introduced additional opportunities for illicit access.

Cybersecurity and the Law
Our yearlong series explores cybersecurity and how lawyers can better safeguard their confidential information. See our first installments:

Prepare, practice, protect: A strategy for defeating cyberthreats to lawyers

Large law firms' secret information from big-money clients entice cyberthieves
The top 10 legal tech stories of 2017
What were the year's most important legal tech stories? Read ABA Journal legal affairs writer Jason Tashea's takes on how cybercrime to self-tracking devices to tweets had an impact on the law in 2017.
DLA Piper had planned a cyberbreach response before major malware attack in June

DLA Piper had planned its response to a cyberbreach before its systems shut down in response to a major malware attack last June.

Don Jaycox, DLA Piper’s chief information officer…

Court narrows order requiring Coinbase to give user data to the IRS

A federal judge has ordered cryptocurrency exchange Coinbase to hand over user data to the Internal Revenue Service.

Twelve months into this court battle, Coinbase and the IRS have been…

BakerHostetler and Perkins Coie named ‘founding stewards’ in new blockchain ID network

BakerHostetler and Perkins Coie are “founding stewards” in the new blockchain-based identity network Sovrin.

On account of high-profile data breaches of personal information and the increased interest and feasibility of…

Uber ousts in-house counsel who suppressed information about 2016 data breach

An in-house attorney for Uber is no longer with the company after it was discovered that he’d helped suppress news of a data breach, the Recorder has reported.

Attorney…

Read more ...




Digital Dangers logo with thumbprint lock.
Cybersecurity and the law
A guide for practitioners ...

Defending Justice shield logo.
Essays on judicial independence
A new online series ...


Your Voice

Articles and commentary ...


Podcasts

More podcasts ...