Search
Certified Public Accountants
& Business Consultants

Focus on Law Firms: The Current State of Law Firm Cybersecurity

Contact Our Team

A survey conducted by the American Bar Association (ABA) finds that attorneys are reporting more instances of security breaches within their information technology systems.
November 23, 2015

A survey conducted by the American Bar Association (ABA) finds that attorneys are reporting more instances of security breaches within their information technology systems. The ABA’s 2015 Legal Technology Survey Report is comprehensive and focuses on major aspects of law firms’ technology operations. The full survey is available for purchase here.

The Survey observes:
That 15 percent of all respondents experienced a security breach in 2015. That includes such events as lost/stolen computers or smartphones, hacking, break-ins or website exploits. Even more startling is that 23 percent of respondents did not know if their law firm ever experienced a security breach.

Of the 15 percent of respondents that experienced a breach:

  • 60 percent reported that no significant business disruption or loss occurred
  • 30 percent reported that breaches created downtime/loss of billable hours
  • 18 percent reported that it resulted in the destruction or loss of files
  • 7 percent reported unauthorized access to other (non-client) sensitive data
  • 5 percent reported that it resulted in notifying clients of the breach, and
  • 3 percent reported that it resulted in unauthorized access to sensitive client data.

Safeguarding sensitive information is a constant battle that many firms endure, especially with attacks of firms’ IT systems becoming more sophisticated. High profile events related to cybersecurity have caused information security to become a top priority with firms’ strategic plans.

When considering requesting help to handle these matters, ask these questions:
  • Do you have security concerns reported to you or executive leadership?
  • Has your company been breached? If so, how ready were you? Did you have a response plan already prepared?
  • What is the most important information to protect?
  • Who would know if your company has been breached? Would they know what to do?
  • Do you have audit, regulatory or compliance requirements for annual security testing? What about security requirements imposed on your firm by your clients?

RubinBrown has a team devoted to assessing cyber risks for law firms. For questions or for more information, please contact us.

 

Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.

All Law Firms News Law Firms Overview

 

For more information, please contact: