Over the last decade, it has become increasingly apparent that law firms are one of the hottest targets for cybercriminals seeking to benefit from sensitive client data. Just this year, data breaches like those at Cravath Swaine & Moore, Weil Gotshal & Manges, and Mossack Fonseca have demonstrated that most firms do not have basic cybersecurity controls in place for detecting and mitigating data breaches. According to the New York Times, in 2014 global banking institutions responded by increasing pressure on outside law firms to demonstrate they are utilizing top-tier technologies to defend against cyberattacks. Often, these firms must consent to on-site inspections and are required to fill out 60-page questionnaires detailing their cybersecurity measures in minute detail.
The cases above are somewhat extreme, but they demonstrate the seriousness of the threat of cybercrime to law firms. The following steps will help your firm comply with such requirements while protecting sensitive client data from cybercriminals.
