Cybersecurity risks have been on the upswing recently in the business world, making the legal sector also prone to be victimized by cyberattacks. According to a study published by the American Bar Association (ABA), the number of law firms reporting a security breach increased from 26% in 2019 to 29% in 2020. With that in mind, let’s take a look at some of the reasons that cybersecurity is critical for the legal sector.
Cybersecurity Is An Ethical Obligation
Instituted by the ABA, law firms in the U.S. are expected to adhere to the Model Rules of Professional Conduct, which are designed to regulate the conduct of lawyers and law firms. The ABA has instituted some ethical considerations within this scope, including Formal Opinion 483, which focuses on “Lawyers’ Obligations After an Electronic Data Breach or Cyberattack.” In regard to when a data breach occurs or is likely to involve “material client information,” the “lawyers have a duty to notify clients of the breach and to take other reasonable steps consistent with their obligations under these Model Rules.”
Legal Firm Cybersecurity Gaps Place Client PII and Other Sensitive Information At Risk
Trial lawyers Campbell Conroy & O’Neil recently published a data privacy incident notice on their website that prompted an FBI investigation due to the risk of exposing PII (personally identifiable information), including Social Security numbers and driver’s license numbers, as well as other personal information such as online account credentials, financial accounts, and medical information.
Cyberattacks Lead To Downtime and Revenue Loss
When it comes to revenue in the legal sector, time is money. Law firms can’t afford downtime delays caused by cybersecurity breaches. In fact, 39% of respondents from a recent survey of law firms that experienced a cybersecurity breach stated that they suffered from downtime/loss of billable hours as a result.
Data Breaches That Target High-Profile Clients Can Diminish a Law Firm’s Good Reputation
For any law firm, protecting sensitive client information is key to building trust. This is a big reason why cyberattacks can be especially detrimental to law firms that have high-profile clients – which was case in point for the Grubman Shire Meiselas & Sacks law firm last year. After stealing the firm’s data, the ransomware group REvil threatened to auction off and ultimately leaked information belonging to some of the firm’s well-known clients. The leaked files included contracts, phone numbers, emails, and non-disclosure agreements.
The firm’s celebrity clients at the time of the breach included Lebron James, Nicki Minaj, and Mariah Carey, as well as corporate clients including Facebook, Sony, and HBO. The leaked information that was accessed as a result of the ransomware attack certainly diminishes the firm’s reputation for client privacy.
Need a hand with your cybersecurity? Contact us to chat about how we can help.