Summary: Ensuring client information is kept safe is a requirement that clients are demanding from their law firms.
Data breaches are not only a hassle for the company compromised but for also the owners of the data stolen. Law firms are the owners of highly sensitive and valuable information, making them a constant target. Law firms know they are a big target so they should be putting extra securities into ensuring their data is secure, and their clients are demanding they do this.
Pennsylvania law firms are taking a big step towards increasing their cybersecurity and data privacy are top quality. Aderant, a legal software company, noted that 32 percent of law firms name their biggest challenge as cybersecurity, according to Law.com. Pennsylvania law firms trying to address cybersecurity concerns are dealing with constantly adapting technology and the cost of keeping up with the industry, but they have to if they want to satisfy the demands of their clients.
McNees Wallace & Nurick’s privacy and data security group chair Devin Chwastyk explained that law firm clients want reassurances that their data is secure. Clients are now putting data security addenda on their fee agreements. He said, “Cybersecurity as a line item has certainly become a bigger expense for us. That was inevitable regardless of client demands.”
Barley Snyder managing partner Jeff Lobach stated, “Every RFP now requires us to disclose how we protect confidential information.” Lobach added that their clients have not been disappointed with his firm’s security measures but if they ever were, they would be expected to change things to satisfy the client.
Hangley Aronchick Segal Pudlin & Schiller partner Alan Promer explained that their firm has seen increases in their technology spending, greatly due to security costs. As technology costs continue to increase, much of the costs are not scalable, so the costs are the same for large, midsize, and small law firms. Promer said, “It really is an imperative” to keep current on cybersecurity matters. Smaller clients may not have as extensive of demands for security on their information but that does not take away from the steps that have to be taken to ensure security is in place. Large firms will have entire teams dedicated to cybersecurity and data privacy.
Common steps include firewalls, intrusion detection, antivirus systems, encryption and multi-factor authentication, according to Promer. He added that they have an outside contractor perform a security audit every year.
Law firms are also seeing cyber insurance pop up as an option that requires firms to maintain a certain level of safeguards in order to be covered. Law firms are opting to hire professionals that specialize in cybersecurity to handle everything. Promer said, “A smart lawyer is only going to engage in the things they’re knowledgeable about. I don’t know many lawyers that speak fluent cybersecurity.”
Law firms of all sizes are affected by cybersecurity concerns. Chwastyk said, “Even the solo practitioners are worried about this. They all recognize they have particular obligations under the rules of professional conduct to guarantee confidentiality.”
Do you think technology has made keeping confidential information easier or harder to keep safe? Share your thoughts with us in the comments below.
To learn more about law firms that have been hacked, read these articles:
- Will Cravath Swaine & Moore and Other Law Firms Get Hacked Again?
- DLA Piper Is First Law Firm Hit by Global Ransomware Attack
- Law Firms Teaming Up to Protect Each Other’s Data
Photo: pixabay.com