CBA Record November 2017

Y O U N G L A W Y E R S J O U R N A L

LAW FIRMS NOT IMMUNE TO THIS EVOLVING THREAT The Benefits of Having an Incident Response Plan for a Law Firm By Brian C. Eaton

D ata breaches today are becoming more of an inevitability than a possibility. Law firms are not immune to the evolving threat of data breaches. Most notably with the “Panama Papers” breach of Mossack Fonseca, to high profile New York firms, and the recent class action suit against a Chicago based firm, the legal profession has faced their share of very public data security issues. Law firms that are not prepared to deal with a breach

are vulnerable to a worst-case scenario fallout from the event. Data breaches in law firms are becoming more of a trend than an anomaly because law firms are a rich target for hackers. They can be storage houses of sensitive personal information, inside information on mergers and acquisitions, health care information and other types of data that can be used for identity theft. They are also generally perceived to be softer targets

than some of their clients when it pertains to data security; thus, making them more appealing. Smaller to mid-size firms, may not be able to afford the substantial time and financial investments to stay protected. Large firms generally have to fend off more attacks because of the vast amount of information they hold. Also, while law firms may not have collected the health information or other data directly from individuals, under HIPPA and state breach

34 NOVEMBER 2017