Washington Lawyer - May 2019 - 14


According to the ABA TECHREPORT 2018, 23 percent of survey respondents
reported experiencing at least one security breach in the history of their firms,
up from 22 percent the year before. A breach was described as everything from
a lost laptop to tapping into confidential data in the cloud.

Information security programs
have to be a constant work
in progress to react to changed
circumstances in the cyberthreat
environment in business and in

For lawyers who cross international borders for work, the dangers can be
heightened. Digital technology practices must be rigorous no matter what
country a lawyer resides in or visits, given that cybercriminals can successfully
launch phishing scams and ransomware from hundreds if not thousands of
miles away. The higher the profile of a firm or an attorney, the greater the
exposure to malicious attacks, experts say.
"Some countries are more than happy to keep track of your work or take your
laptop and rifle through it," says Sean C. Griffin, a member in the Washington,
D.C., office of Dykema. "As an attorney, you have an obligation to keep your
clients' information secret, whether you're there full-time or for a one-day
The 2018 Cost of a Data Breach Study by the Ponemon Institute found that the
average global cost of a data breach is $3.86 million, up 6.4 percent from the
previous year. The average cost for each lost or stolen record containing confidential information increased by 4.8 percent to $148. Now add in the reputational cost of that breach for lawyers and law firms.
There is no doubt that cyberwarfare threats are more real and present today
than they have been at any point in the past. And much is at stake for lawyers
who work internationally, both in terms of securing their professional and
personal data and maintaining the highest levels of privacy.

Courtesy of Sidley Austin

One of the challenges of operating a global firm is that offices need to communicate with one another across a vast digital landscape. Multiply the number of
offices, employees, and vendors across different countries with dissimilar digital
environments and safeguards, and gaps can be exposed in even the most conscientious cybersecurity systems.

Partner, Sidley Austin LLP

"Every time you put a lock on your door, somebody figures out how to pick
that lock," says Griffin. "Cybersecurity is the same way. You adopt a cyberprotocol, and somebody figures out a way around it. We try to be one step ahead
of the criminals, but the criminals are always right behind us. And we pay the
price for that."

With their rich stockpile of confidential data, law firms have become ideal
targets for cyberincursions, and hackers across the globe have the tools and
technologies to invade the devices and networks of even the most securityconscious lawyer.

The amount of information that law firms generate daily is proliferating, and
more data translates into more data interfaces and more opportunities for
potential exploitation, especially as law firms seek new clients in countries that
have laissez-faire cybersecurity rules and regulations.

"The dynamic and innovative technology in the law today means that the goal
of cybersecurity is constantly moving in a global environment," says Colleen T.
Brown, a partner at Sidley Austin LLP. "The challenges are continuously evolving.
Information security programs have to be a constant work in progress to react
to changed circumstances in the cyberthreat environment in business and in
technology. All of this means that the theater of war of cyberdefense for any
entity is always expanding."

"I think anytime there's more volume of anything, there's going to be attention
paid to it," says Jennifer A. Beckage, a partner at Beckage and a certified information privacy professional in the United States and Europe. "Obviously, in the
last 10 years there's been a large accumulation of data, and we're seeing more
regulations around that and how it's going to be used, with more interest in
getting that data."

In recent years, news reports of cyberattacks at mega firms such as Cravath,
Swaine & Moore LLP, DLA Piper, Foley & Lardner LLP, and Weil, Gotshal & Manges
LLP have brought the problem into stark relief. Cyberthreats are multifaceted,
resourceful, and very real.
"The law firm is a treasure trove of information for an attacker," says John Reed
Stark, former chief of the U.S. Securities and Exchange Commission's Office of
Internet Enforcement. "Law firms don't hide that information. It's usually filed
in a folder labeled 'hot documents,' so it's easy to spot."



MAY 2019


One of the reasons cybersecurity is so perilous and frustrating to implement
today is that organizations and individuals invite problems through their active
embrace of new technology that allows them to be more mobile and to work
remotely, amping up the risk of threats.
Additionally, there is a naiveté about the danger that comes with technology.
Call it an absence of a security mentality. Everyone inside a law firm recognizes
the importance of information security, the laws around cybersecurity, and
a firm's professional and ethical obligations to its clients. The bigger challenge
is convincing people that they can fall for the tricks perpetrated by hackers.


Washington Lawyer - May 2019

Table of Contents for the Digital Edition of Washington Lawyer - May 2019

Digital Extras
Your Voice
From Our President
Practice Management
Calendar Of Events
Cybersecurity Rules & Risks For The International Lawyer
Borders, Refugees & A Global Crisis
Climate Change: Turning To Law In Race Against Time
Member Spotlight
Global & Domestic Outlook
Worth Reading
Media Bytes
Attorney Briefs
Ask The Ethics Experts
Disciplinary Summaries
The Pro Bono Effect
Community & Connections
Special Coverage: Youth Law Fair @ 20
Last Word
Washington Lawyer - May 2019 - Cover1
Washington Lawyer - May 2019 - Cover2
Washington Lawyer - May 2019 - 1
Washington Lawyer - May 2019 - 2
Washington Lawyer - May 2019 - 3
Washington Lawyer - May 2019 - Digital Extras
Washington Lawyer - May 2019 - Your Voice
Washington Lawyer - May 2019 - From Our President
Washington Lawyer - May 2019 - 7
Washington Lawyer - May 2019 - Practice Management
Washington Lawyer - May 2019 - 9
Washington Lawyer - May 2019 - Calendar Of Events
Washington Lawyer - May 2019 - 11
Washington Lawyer - May 2019 - Cybersecurity Rules & Risks For The International Lawyer
Washington Lawyer - May 2019 - 13
Washington Lawyer - May 2019 - 14
Washington Lawyer - May 2019 - 15
Washington Lawyer - May 2019 - 16
Washington Lawyer - May 2019 - 17
Washington Lawyer - May 2019 - Borders, Refugees & A Global Crisis
Washington Lawyer - May 2019 - 19
Washington Lawyer - May 2019 - 20
Washington Lawyer - May 2019 - 21
Washington Lawyer - May 2019 - Climate Change: Turning To Law In Race Against Time
Washington Lawyer - May 2019 - 23
Washington Lawyer - May 2019 - 24
Washington Lawyer - May 2019 - 25
Washington Lawyer - May 2019 - 26
Washington Lawyer - May 2019 - 27
Washington Lawyer - May 2019 - Member Spotlight
Washington Lawyer - May 2019 - 29
Washington Lawyer - May 2019 - Global & Domestic Outlook
Washington Lawyer - May 2019 - 31
Washington Lawyer - May 2019 - Worth Reading
Washington Lawyer - May 2019 - Media Bytes
Washington Lawyer - May 2019 - Attorney Briefs
Washington Lawyer - May 2019 - 35
Washington Lawyer - May 2019 - Ask The Ethics Experts
Washington Lawyer - May 2019 - 37
Washington Lawyer - May 2019 - Disciplinary Summaries
Washington Lawyer - May 2019 - 39
Washington Lawyer - May 2019 - The Pro Bono Effect
Washington Lawyer - May 2019 - 41
Washington Lawyer - May 2019 - 42
Washington Lawyer - May 2019 - 43
Washington Lawyer - May 2019 - Community & Connections
Washington Lawyer - May 2019 - 45
Washington Lawyer - May 2019 - Special Coverage: Youth Law Fair @ 20
Washington Lawyer - May 2019 - 47
Washington Lawyer - May 2019 - Last Word
Washington Lawyer - May 2019 - Cover3
Washington Lawyer - May 2019 - Cover4
http://washingtonlawyer.dcbar.org/september 2017
http://washingtonlawyer.dcbar.org/september 2017