Extract from Jim Gill’s article “Law Firms and Cyber Attacks: InfoGov Isn’t Just for Corporate Legal Teams Anymore”
From the beginning, Information Governance, or InfoGov, has been focused on helping Corporations manage their data, often involving the legal, compliance, and IT departments working together. But what about a corporation’s outside counsel?
More and more, law firms are being targeted in ransomware attacks because they house or have access to their corporate clients’ data but often don’t have the same robust information security measures in place that their corporate clients utilize.
Why Law Firms are Security Targets
As Jake Bernstein, a partner at K&L Gates in Seattle, puts it in a recent interview, “Law firms make amazing targets on every conceivable level. They have loads of valuable data, and they are ethically required not to lose that data, which might make them more willing to pay ransoms quickly and quietly. Additionally, attorneys are stereotypically not a tech-savvy bunch, and they have a professional predisposition to move quickly through emails in order to get things done. Even the largest law firms are still small compared to most enterprise-class companies, meaning that their cybersecurity is unlikely to be top-of-the-line.”
