Revisiting ABA’s Law Firm Guide to Cybersecurity – Why You Should Care

Published nearly a year ago, the American Bar Association’s “Law Firm Guide to Cybersecurity” is more relevant than ever. Cybersecurity and Information Governance are major pillars in the legal sector. Law firms, litigation support providers, and corporate legal departments handle extremely sensitive information making it both crucial that these organizations implement cybersecurity best practices and stay informed in the current techniques hackers are deploying to get access to this information.

A common misconception is that only the biggest and largest players in an industry are susceptible to these malware, hacking, and data leak threats. While it is true that large organizations can be targeted more frequently, and there are certain sectors that can be targeted more than other such as law firms that handle government contracts versus civil litigation that doesn’t mean that it always happens that way. Any organization can fall prey to these attacks, regardless of the amount of data you handle, number of offices you have, litigation type you practice, and so on.

In order to prevent future attacks and curb the damage of successful attacks, there are various protocols and safeguards that organizations can implement to mitigate risk. That’s where the ABA’s “Law Firm Guide to Cybersecurity” comes in. The guide effectively serves as a high level actionable overview complete with tools to identify organizational cybersecurity assets, specific areas to focus your efforts on with associated guidance for implementation, and background to the “why” behind why you should care about this.

The guide is a great resource for identifying what security measures you already have in place and what you may be missing. While the list isn’t all inclusive, it covers many of the key areas that are low hanging fruit so to say that these hackers target.

Contents of the Law Firm Guide to Cybersecurity include:

  • Identifying Cybersecurity Assets
    • Network infrastructure
    • Systems and other hardware
    • Applications and data
    • Users
  • Strengthen Your Passwords
    • Use a password manager
    • Create a strong passphrase
  • Enabling Two-Factor Authentication
  • Enforcing Wifi Authentication & Enabling a Firewall

These are only a handful of the topics discussed within the guide, for the full list visit the American Bar Association’s website here.


Resources

[1] Lieber, B. (2020, October 1). Law Firm Guide to Cybersecurity. American Bar Association. Retrieved September 20, 2021, from https://www.americanbar.org/groups/law_practice/publications/techreport/2020/lawpay-cybersecurity/.