Corporate Clients Should Ask Specific Questions About Law Firm Computer Security, Experts Say
We live in a world in which computer attacks via the Internet are routine, and many law firms are both particularly inviting targets and especially vulnerable.
So determining whether outside counsel has sufficient computer safeguards is a question business clients should routinely ask, according to Corporate Counsel.
One expert says 80 major law firms were hacked last year, Bloomberg reports.
And in a recent Forbes column, another expert tells a chilling tale of two partners from an unidentified law firm who visit him for advice after discovering that all of their client files have been obtained by China-based hackers.
The conversation with the unidentified lawyers continues in a second and third installment, with further Forbes posts ongoing.
It’s difficult not to be victimized in such attacks, which often involve opening an attachment to a seemingly legitimate spoofed email that purports to be from a known individual such as a work colleague, says Alan Paller of the SANS Institute.
So corporate clients should ask—and law firms should be prepared to answer—some specific questions about Internet security, another expert tells Corporate Counsel.
Among them: Does the law firm keep logs of everyone who has accessed client files and require the use of complex passwords on its work stations and servers?
“The issue ends up being that the lawyers are so oriented to the convenient use of computers,” says Eric Friedberg, a former federal prosecutor who is now co-president of consultant Stroz Friedberg. “It presents real challenges to pervasively establish a culture of security, because convenience has to be subjugated to secure computer use.”
For the complete list of computer security questions he recommends that business clients ask their law firms, read the full Corporate Counsel article.
Related coverage:
ABA Journal: “Cyberspace Under Siege”
ABA Journal: “The Hacktivists: Web Vigilantes Net Attention, Outrage and Access to Your Data”
ABAJournal.com: “Almost 20% of Home Computers, 7% of Corporate Ones are Botnet Slaves, Expert Says”
ABAJournal.com: “Some NY Law Firm Reps Said to Be Clueless as FBI Warned of Hackers Seeking Corporate Data”
