Several years ago, my insurance broker suggested I get cybersecurity insurance for my firm. It seemed a cybersecurity insurance policy was unnecessary, not much different from having an undercoating for a new car. That was then. Now, the benefits of having a cybersecurity insurance policy are not reasonably in dispute these days. In addition to having the security of insurance, another (and more important) benefit of getting a cybersecurity insurance policy was the requirement that I have an IT security and breach policy that deals with how to prevent a security breach and what to do if there is a security breach. While getting a cybersecurity insurance policy may still remain an option for many, having an IT security policy describing detailed procedures to protect against a cybersecurity attack (and what to do when the system is breached) is a must.

Need for Cybersecurity Measures

As our lives become increasingly digitized, it becomes especially important to consider how to protect confidential information stored electronically from cybercriminal hacking. Law firms, with their access to large quantities of confidential client information, represent a prime target for security threats. Lawyers must recognize the need to protect their data against security threats, and to consider what steps to take in the unfortunate event that they do become the victim of a security breach, particularly in notifying their clients and preventing future breaches.

Cybersecurity Threats to Lawyers and Their Clients