As clients put more pressure on firms to show they have a proactive information security plan, law firms are prioritizing technology risk management and cyber liability insurance. The pressure is coming as data breaches are on the rise and supply chain risk management and due diligence is becoming a hot topic. While the term cyber security alone may scare you, the task of protecting your environment is not as daunting as it may seem. Because of the increased awareness, more firms are purchasing cyber liability insurance and are taking all available precautions to protect themselves and their clients from the escalating risk to sensitive information which has been entrusted to their care.
This is an excerpt from an article that was published in the KCMBA Counselor and written by Travis Holt. To read the article, click here.
There was a great article today in Law Technology News on the importance of cyber risk management and the impact a good risk profile has on the insurance costs. Judy and Ben hit the nail on the head and in addition to the risk profile, a firm who properly transfers risk to their technology vendors is much more attractive to an insurer.
If you think of all the technology vendors and subcontractors you have, ask yourself if you know whether or not they’ve accepted the exposure of a loss of your data or outage of a hosted platform. Most likely the answer is no! And even if they have accepted the liability, have you asked them for the right insurance coverages and done the proper due diligence on those insurance products? This is a process that every law firm, and other businesses who use technology, should go through to properly understand their technology risk.
You can read the full article here from Law Technology News.
There are always debates about the pros and cons of moving to the cloud and while we have been in favor of law firms making the move for the past 3 years, many others are now coming around. Recently there was an interesting article in Law Technology News, called “5 Reasons to Virtualize Law Firm Computing” (click here for the entire article) that outlined their Top 5 reasons to move to the cloud. While most of the Top 5 are things we’ve heard before like profitability, ease of use, and product offerings, security cracks the list at number four. This is a controversial one as we talk to firms frequently who feel like outsourcing makes their data less secure and reliable. We understand this sentiment but agree that virtualization and moving to the cloud makes your environment more secure.
A vendor who is in the business of providing cloud services to law firms should spend a significant amount of money on security, more than most law firms could find room in the budget for. Additionally, there are many ways you vet your potential technology vendors to find out which ones take data security seriously and which don’t. The alternative for most firms is to buy all of the equipment and hire an IT manager or outsourced IT services provider to manage the on site environment. In most cases, this leaves the keys to the IT kingdom in the hands of one individual which is a significant vulnerability for any law firm. As you’re thinking about moving to the cloud, security should be one of the first things you consider and should definitely be a positive in almost every case.
To read the entire article and see the LTN Top 5, click here.
Mobile breaches have become a growing area of concern in the law firm community. With many firms choosing to allow attorneys and employees to use their own devices, managing those devices is becoming a big challenge. According to a recent study done by Gartner, they estimate that by 2017, 75% of mobile device breaches will be a result of the faulty configuration of applications. As breaches increase and more firms move to allow attorneys to bring their own devices, how will you regulate the use of the applications?
The three steps all firms should take are:
- Create and implement a BYOD policy
- Educate your employees on the risks associated with mobile devices
- Install a mobile device management platform and require the enrollment of all mobile devices
For more information on the Gartner study, click here. Additionally, there was a great article from Law Technology News titled, “Do BYOD Risks Outweigh Benefits?” that you can read here.
According to a recent Law360 article, weak engagement letters are to blame for a flurry of recent legal malpractice claims. The article, which you can read here, discusses the use of engagement letters in recent legal malpractice claims and says in 65% of the cases, an engagement letter wasn’t used. It goes on to say that in only 5% of the cases, there was a well drafted engagement letter that limits the law firms liability.
While there are many things we recommend law firms to do craft strong engagement letters, here are three tips:
- Do not provide any guarantees
- Be very clear with the client about the project you were hired for
- If the client is new to the firm, get a retainer and make sure it is substantial