The American Bar Association, Standing Committee on Law and National Security (of which, full disclosure here, I am a member) has released a new book: “The ABA Cybersecurity Handbook: A Resource for Attorneys, Law Firms and Business Professionals,” edited by Jill. D. Rhodes and Vincent I. Pulley. Here’s part of the description:
[L]aw firms, government law departments, and other similarly situated organizations have become prime targets. Lawyers have limited resources to dedicate to computer security, may not have a sophisticated appreciation of the associated technology risks, and lack an instinct for cybersecurity. Lawyers have become “soft targets in the hunt for insider scoops on mergers, patents, and other deals.” At the same time, law firms may not only be soft targets, they may also be attractive targets — if they are known to have a large corporate client base, an attacker may be drawn to them, like a bee to honey. While the corporate clients themselves may have sophisticated computer security defenses, their law firms’ defenses are probably weaker. And once inside a law firm’s defenses, the intruder likely has access to all of the firm’s client information.
The ABA Cybersecurity Handbook: A Resource for Attorneys, Law Firms and Business Professionals provides practical cyber threat information, guidance, and strategies to lawyers and law firms of all sizes. The guide considers the interrelationship between lawyer and client, establishing what legal responsibilities and professional obligations are owed to the client in the event of a cyber attack. The book provides strategies to help law firms defend against the cyber threat, and also offers information on how to best to respond if breached.
Probably worth looking at for any practicing attorney who reads Lawfare.