Posts by Jim Ballowe
SOC Reports Provide Critical Insights on Vendor Data Security Practices
I’ve written several times during the past year about the importance of information security for legal professionals. Mitigating the threat of unauthorized access to client confidential information is one of the most challenging operational responsibilities that law firms face today. Although there was a time when some legal community leaders believed that lawyers were not…
Read MoreRansomware Legislation: A Window Into Tomorrow’s Compliance Obligations
A few weeks ago we wrote about the threat that increasingly sophisticated ransomware criminals posed to law firms, and we suggested several measures that law firm leaders might take to minimize the likelihood that they — and their clients — would become a victim of these attacks. In this post, we look at another danger…
Read MoreSophisticated Ransomware Criminals Pose Growing Threat to Law Firms
The new year brings with it worrying trends about the rising threat to law firms posed by ever-more sophisticated ransomware attacks. Cybersecurity firm Skybox Security reported that ransomware criminals are thriving in the remote work environment ushered in by the COVID-19 pandemic. According to a recent Skybox security update, ransomware attacks rose 72% during…
Read MoreExercising Due Diligence in the Selection of a Tech Vendor
The task of conducting due diligence in the selection of technology vendors is a critical component of the lawyer’s ethical obligation to maintain reasonable security over client confidential information. However, for several reasons, it is also one of the most difficult tasks that law firms will undertake. Rule 1.6 of the American Bar Association’s Model…
Read MoreStaying Secure in the New Hybrid Workplace
Most observers believe that the legal profession is rapidly moving toward so-called “hybrid workplaces,” a term office managers use to describe a mixed-work environment that spans brick-and-mortar law offices, home offices, and myriad places in between. Cybersecurity experts have another word for the hybrid workplace: Nightmare. The hybrid workplace, they say, is fertile ground for…
Read MoreRevised State Data Breach Laws Demand Attention
I’ve written quite a bit during the past year about cybersecurity, urging lawyers to take seriously their obligations to protect client confidential information and to be judicious when acquiring technology and services that will be used to store and transmit client data. I’m returning to the topic of cybersecurity again today, this time to note…
Read More