Got cybersecurity? Some corporate clients ask law firms for proof
Posted Mar 27, 2014 10:49 AM CDT
By Debra Cassens Weiss
Some banks and corporations are demanding that law firms improve their computer security systems and seeking proof that adequate steps have been taken.
Some bank officials have asked law firms to fill out 60-page questionnaires about their cybersecurity measures, while others are visiting firms to conduct their own inspections, the New York Times DealBook blog reports. Some law firms are also being asked to add insurance coverage for computer breaches.
The story says clients want law firms to stop risky practices that include: putting files on portable thumb drives, emailing documents to nonsecure iPads, and linking to shared networks in countries where hacking is common.
Several representatives from large law firms told the Times that the security threat is being exaggerated. But lawyer Vincent Polley, who contributed to an ABA book on cybersecurity, told the newspaper that many law firm managers are in denial about cybersecurity risk. “A lot of firms have been hacked, and like most entities that are hacked, they don’t know that for some period of time,” Polley said. “Sometimes, it may not be discovered for a minute or months and even years.”