The International Legal Technology Association’s 2022 survey is a broad treasure trove of data reported from 541 law firms.
There are 11 major topics including Infrastructure, Document Management, Practice Management, and Business Continuity.
My focus is on four of the twenty-seven questions surveyed in the Security section.
Password managers are one of the most highly recommended solutions for security. They help with: using complex passwords, deterring repeat usage of passwords, and providing secure storage for passwords. There is a learning curve to using a password manager, but once I got up to speed, I wondered how I would live without it. We have so many passwords to juggle these days. I am surprised that 50% of respondents are not providing a password manager.
2. Multi-factor Authentication
Perhaps the single most recommended security mitigation is multi-factor authentication (MFA). Here we see Duo Security (a Cisco company) is the leader at 45%. There are three Microsoft solutions listed which total 27%.
In legal tech, it’s notable when a third-party solution is more widely adopted than a Microsoft solution as most law firms operate on the Microsoft stack.
3. What do You Secure with MFA?
The largest response is VPN/Remote Access. Then Office 365. It’s very good to see high adoption of MFA for these widely used applications.
4. Which Phishing, Vishing, Social Engineering, or Security Awareness Program?
KnowBe4 is the stand-out at 62%. Others used are Mimecast, Traveling Coaches, Proofpoint, managed service providers, and solutions developed in-house. Only 7% reported “None.” As phishing and social engineering are the cause of about 90% of exploits, law firms are wise to have these programs in place.
It was wonderful to meet with you all! Last week was the first fully in-person annual educational conference of the International Legal Technology Association (ILTA) since 2019. ILTACON is truly an event of peer-to-peer sharing. Many of the members have relationships dating back decades. Having an in-person event again was fantastic.
Security was one of the most in-demand topics. There were sessions on phishing, ransomware, breaches, and solutions. Here are three takeaways from sessions which I attended on what to do when a breach occurs. Note: I am not a cybersecurity expert. These are commonsense points which anyone can learn from.
At 10 PM on Saturday night, Asher in Support gets a call from an attorney who says, “I’m looking at a screen which says, ‘Your network has been locked!'” Asher was educated to escalate any such messages immediately. Let’s assume that this message gets to the CIO within minutes.
Who does the CIO call first?
Is it a contracted or pre-vetted cybersecurity services provider?
Is it the cybersecurity insurance carrier?
In a session which included both a panelist from a top cybersecurity services provider and a panelist from a major cybersecurity insurance carrier, each argued that they should be the first call. Each may have distinct objectives.
The cybersecurity insurance carrier will immediately send in their SWAT team. This expertise may be quite welcome at the law firm. A good carrier will bring great expertise to bear. At the same time, law firms report that when the insurance carrier team arrives, they lose control of the process. The firm IT team may be sidelined, by contract. The insurance company may have as its top priority forensics. One of their objectives is to discover if the law firm were out of compliance with the policy.
The cybersecurity services company will also send in their SWAT team and bring great expertise and experience to bear. If the firm has vetted the services company their objectives should be aligned with the law firm’s.
Objectives include stopping exfiltration of firm data and business continuity. Law firms will want to safely get back to business-as-usual as quickly as possible.
2. Breach Counsel
One of the first things that the cybersecurity insurance carrier will do is to get their breach counsel engaged in the process so that communications are privileged. Law firms are uniquely positioned to get their own attorneys involved. Whether it is the insurance carrier’s attorney or a firm attorney, involve an attorney on all communications immediately. There will be public communications following the breach and perhaps legal action. Need I say more?
3. CIO Fiat to Shut Down Systems
When there is a breach, time is of the essence. Data may still be exfiltrating. While no law firm wants to do so, the best action may be to shut down all systems immediately. The moment when the firm’s data is flowing out to the hackers is not a good time to educate and negotiate with the firm’s executive team regarding shutting down systems. The CIO should have clear authority in advance to shut down systems.
Bonus: Have a Plan
Your firm is a target. Services, like Dark Utilities, make it easy for hackers to to set up a command center (C2) for malicious operations. Prices for C2-as-a-Service start at EUR 9.99. Easy, inexpensive tools mean that firms of any size are a target for “drive-by” attacks.
Even while your full incident recovery program is in development, it’s time well-spent to have a plan for the three points above in order to respond quickly.
One of the benefits of ILTACON is that we learn what has worked for other law firms in real world settings. Each firm should assess their own response plan.
Our “baby,” the LINK App, is a full-fledged teenager now, growing by leaps and bounds and taking the car out for a spin.
If you have not seen LINK in the past 12 months, you’ll find this demo video an eye-opener. Split-screen mode and multi-tabbed view are a fantastically productive way to work on tablets. You work in several lives screens.
This new demo video is a quick way to see some of LINK’s best workflows. Use the timeline to go directly to the feature which you want to see. Let us know what you think. To schedule a demo, write to us: email@example.com.
0:00 – Authentication 0:34 – LINK Home Screen 1:42 – SharePoint / Portal / Web Resources 2:15 – My Files in LINK 3:11 – Navigate in iManage Work 3:22 – Split-screen Mode & Multi-tab View 5:57 – Search iManage 7:30 – Quick Lookup – Client/Matter & Doc ID 8:42 – List All Files 9:36 – PDF Viewer Features 11:02 – Annotation 12:25 – Check-in to iManage 13:20 – Email a File from iManage 15:15 – Edit with the Word App 17:15 – Check-in to iManage 18:20 – Compare Edited Version 19:00 – Inbox: Search, Sort, Filter 19:28 – Open an NRL, Annotate, & Email 20:13 – Predictive & Multiple Filing to Outlook and iManage Folders 22:25 – Compose an Email, Attach a File in iManage, Send & File
Our next ILTA webinar is: “Email Management Integrated with DMS in the LINK App” on October 20th. You’ll see LINK’s email usability features as well as predictive filing to Outlook and DMS folders. Learn more and registerHERE.
Working remotely became a neccessity almost overnight. But were firm architectures ready? Two common entry points to system hacks, social engineering and network vulnerabilities, threaten the security of remote working. In this session, Mobile Helix CEO and Chief Architect, Seth Hallem, will describe these vulnerabilities and propose practical and actionable ways to address these weaknesses using safe browsing, network proxies, authentication, authorization, and DLP. These mitigations apply to both desktop and mobile devices.
This is an ILTA Educational Webinar. It is free to members as well as to non-members as part of ILTA’s COVID-19 content. Non-members may register for a free login-in.
We are back from a busier than ever ILTA LegalSEC Summit. People attend LegalSEC to genuinely learn how they can keep their law firms protected. This is no easy feat because cybersecurity is a moving target. While Big Law firms participate, there is great value for small and medium sized firms where there might not be a CISO. The Director of IT or network engineer might be the security department. The two or three days at LegalSEC are packed with information.
This year the well-received keynote by William R. Evanina, Director of the National Counterintelligence and Security Center, was recorded. Another popular session was “Leverage These Free Resources to Up Your Security and Governance Game.” Both of these and several other LegalSEC 2019 sessions can be heard at no cost by ILTA members, here.
Heads up, save the date. Next year’s LegalSEC Summit 2020 will be June 1-3 and the location…San Antonio at the Marriott Riverwalk. If you have visited the Riverwalk you know that this is a fantastic location. Hope to see you there.
and we are a sponsor again this year. We will be at Table number one showing LINK’s latest mobile DLP features.
Stop by to say hi and to see a LINK demo. Our LINK app’s encryption,
containerization, and authentication provide strong security for your
documents and data. Now LINK offers key word and metadata filtering,
recipient checking, and restriction on emailing files from classified
LegalSEC Summit 2019 is designed for technology professionals at every level who manage security, information governance and data privacy tech projects and initiatives in support of the practice of law. This exciting two-day Summit offers premier learning and a connected networking environment to focus on information security challenges faced by the legal industry.
Do you use NetDocuments® DMS today or are you evaluating NetDocuments? If you are looking for an encrypted container app approach for mobile NetDocuments DMS, our LINK app may provide that extra client-side security that you are looking for.
Date and time: Monday, February 11, 2019, Noon EST
Can your lawyers work with iManage®, NetDocuments, SharePoint and the firm intranet from smartphones and tablets? Mobility for lawyers lives at the challenging crossroads of ease-of-use and security. We’ll look at top solutions used in legal today, covering topics including: