law firm data breaches and legal malpractice risks
play

Law Firm Data Breaches and Legal Malpractice Risks Assessing - PowerPoint PPT Presentation

Sep 20, 2022 •317 likes •942 views

Presenting a live 90-minute webinar with interactive Q&A Law Firm Data Breaches and Legal Malpractice Risks Assessing Vulnerabilities, Defending Professional Liability Claims, Evaluating Insurance Coverage TUESDAY, MAY 3, 2016 1pm Eastern

  1. Presenting a live 90-minute webinar with interactive Q&A Law Firm Data Breaches and Legal Malpractice Risks Assessing Vulnerabilities, Defending Professional Liability Claims, Evaluating Insurance Coverage TUESDAY, MAY 3, 2016 1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific Today’s faculty features: Margaret A. Reetz, Partner, Mendes & Mount , Chicago Hillard M. Sterling, Partner, Winget Spadafora & Schwartzberg , Chicago The audio portion of the conference may be accessed via the telephone or by using your computer's speakers. Please refer to the instructions emailed to registrants for additional information. If you have any questions, please contact Customer Service at 1-800-926-7926 ext. 10 .

  2. Tips for Optimal Quality FOR LIVE EVENT ONLY Sound Quality If you are listening via your computer speakers, please note that the quality of your sound will vary depending on the speed and quality of your internet connection. If the sound quality is not satisfactory, you may listen via the phone: dial 1-866-869-6667 and enter your PIN when prompted. Otherwise, please send us a chat or e-mail sound@straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Quality To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again.

  3. Continuing Education Credits FOR LIVE EVENT ONLY In order for us to process your continuing education credit, you must confirm your participation in this webinar by completing and submitting the Attendance Affirmation/Evaluation after the webinar. A link to the Attendance Affirmation/Evaluation will be in the thank you email that you will receive immediately following the program. For additional information about continuing education, call us at 1-800-926-7926 ext. 35.

  4. Program Materials FOR LIVE EVENT ONLY If you have not printed the conference materials for this program, please complete the following steps: Click on the ^ symbol next to “Conference Materials” in the middle of the left - • hand column on your screen. • Click on the tab labeled “Handouts” that appears, and there you will see a PDF of the slides for today's program. • Double click on the PDF and a separate page will open. Print the slides by clicking on the printer icon. •

  5. Law Firm Data Breaches and Legal Malpractice Risks Assessing Vulnerabilities, Defending Professional Liability Claims, Evaluating Insurance Coverage May 3, 2016

  6. Law Firms as Targets for Attack High Risk? Some Clients Think So … “high Large law firms are at risk for cyberintrusions. ” According to an internal report by Citigroup’s cyberintelligence center that called for public disclosure of security breaches by law firms (“law firms would continue to be targeted by malicious actors looking to steal information on highly sensitive matters” – mergers/acquisitions, patent applications) [From NY Times, DealBook blog March 2015] 6

  7. Law Firms as Targets for Attack Recent Developments: January 2016- Security firm Flashpoint Issued alerts to law firms in January and February about the threats and has acquired a copy of a phishing email that is aimed at law firms FBI Alert - March 2016 • FBI issues an alert that it has information that hackers are specifically targeting international law firms as part of an insider trading scheme. • “In a recent cyber criminal forum post, a criminal actor posted an advertisement to hire a technically proficient hacker for the purposes of gaining sustained access to the networks of multiple international law firms.” Panama Papers Mossack Fonseca, the law firm at the center of the “Panama Papers breach,” claimed that the firm had been the “victim of an external hack” (instead of the leak coming from someone in the firm) 7

  8. Law Firms as Targets for Attack • What’s in the “virtual warehouse?” – Confidential Client Information • Contracts • Personal Information (“personally identifiable information”, PII, and “protected health information”, PHI, per HIPAA) • Merger/acquisition details (pre-deal, potential terms, potential offers) • Intellectual property (patent applications) • Financial information – Third-party information/data (including PII/PHI) • Investigation/Discovery Material • Information obtained through settlement discussions, payments 8

  9. How does data get Exposed? • While in your Network – ( servers, hacking, rogue employees, etc .) • While in Transit – ( grabbed during sending and receiving functions ) • Multitude of Devices – ( cell phones, laptops, iPad, USB drive, tablets, “BYOD” etc. ) – Need for connectivity at all times which compromises security! 9

  10. Ways of Attacking • Spreading of a virus – (receipt of malicious code, spreading of the code to clients/customers) • Data theft/corruption • Unauthorized access into your network – phishing, pharming, • Distributed Denial of Service attacks “DDOS” – (think bank attacks) • “Hacktivism” - ( political statement, teach you a lesson, fun of it ) • Cyber Extortion - (quick $) 10

  11. So why is this the popular approach? 11

  12. Risk Management Efforts: Pre- Breach - Pre-claim breach coaching/advice - Risk Management assessment (Penetration testing) - Contract review (vendors) - Training (passwords, phishing scams, suspect attachments) - Policies in place (laptops, flash drives, smart phones) - Breach Plan (Breach team, Forensic vendor, Breach Coach) - Incident Roadmap / Mock testing 12

  13. Implement Compliant Corporate Policies • Principal Components of Email Policy – As stated before: • No expectation of Privacy • Consent to Monitoring • No ISPs for Company Business – Confidential or Proprietary Data Secured and Encrypted – No Clicking on Suspicious Emails, Docs, and/or Links – Retained if Business Record – Retained in Accordance With Record-Retention Policies – Compliance With Statutory or Regulatory Requirements 13

  14. Implement Compliant Corporate Policies • Access, Use, Transmission – User ID and Passwords – Access Protocols – Third-Party Access – Employee Screening – Dedicated Devices – Device Management – Remote Access – Laptop Restrictions – Business Uses – Non-Disclosure – Software Restrictions – Data Backups – Encryption 14

  15. Implement Compliant Corporate Policies • Mobile, BYOD – Acceptable Use Only – No Access of Non-Work Websites – Permitted and Prohibited Apps – Permitted Operating Systems – No Direct Connections to Network – Proper and Authorized IT Support and Maintenance – Strong Password Protected – Automatic Locks – Remotely Wiped if Lost, Employee Terminated, or Breach 15

  16. Data Management is Key: Reduce and Destroy Bad Data • Email – Must be part of document retention/destruction policy. – Stop preserving exhibits for your opponent. • Avoid Creating Smoking Guns • Routine Destruction Programs • Attorney-Client Privilege • Outside Counsel • Protect Self-Critical Analyses, Investigations • Preemptive Data Security • APTs • Social Media – New and Leading Cause of Malware 16

  17. Oversight of Lawyers – Cyber/Privacy • ABA • State Breach Notification Statutes • Client Agreements • HHS • NIST • PCI-DSS • No direct oversight but clients may require certain practices/procedures in accordance with:- • Gramm-Leach Bliley (protecting consumer/customer information collected) • SEC, FINRA – 2016 - SEC’s Office of Compliance Inspections and Examinations will look again at firms’ information security controls through testing and assessment; FINRA to review cybersecurity policies with respect to governance, risk assessment, technical controls, incident response, vendor management, confidentiality, data loss prevention, trading system accessibility and staff training 17

  18. ABA and State Bar Organizations ABA The ABA, House of Delegates, adopted resolution calling for “all private and public sector organizations to develop, implement, and maintain an appropriate security program. ” The report accompanying the resolution made it clear that the resolution covers law firms and legal services organizations. This resolution followed an earlier 2012 House of Delegates resolution proposed by the Commission on Ethics 20/20, approving changes to the ABA Model Rules of Professional Conduct. The resolution amended the Model Rules to impose a duty on lawyers to use reasonable efforts to prevent unauthorized access to client data and made related changes to address the advances of technology. The ABA has also published a Cybersecurity Handbook to help lawyers and law firms improve their information security programs. http://www.americanbar.org/content/dam/aba/events/labor_law/2015/march/tech/wu_c ybersecurity.authcheckdam.pdf 18

  19. ABA and State Bar Organizations ABA Recommendations regarding controls: • Administrative Safeguards • Physical Safeguards • Technical Safeguards 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

I. Current Trends Non-legal malpractice claims have supplanted malpractice 1 4/16/16

I. Current Trends Non-legal malpractice claims have supplanted malpractice 1 4/16/16

4/16/16 Current Trends in Handling Legal Malpractice Claims and what happens if the judge erred. I. Current Trends Non-legal malpractice claims have supplanted malpractice 1 4/16/16 Examples of non-legal malpractice claims

362 views • 8 slides
Wh What at Judg Judges es Need Need to to Kn Know About About Leg Legal Ma Malpractice Linley

Wh What at Judg Judges es Need Need to to Kn Know About About Leg Legal Ma Malpractice Linley

Wh What at Judg Judges es Need Need to to Kn Know About About Leg Legal Ma Malpractice Linley Jones, Esq. linley@linleyjones.com Legal Malpractice Claims Not Assignable a right of action is assignable if it involves, directly or

407 views • 27 slides
Nowcasting Firm Performance and Data Breaches Using API Data Seth Gordon Benzell, Jonathan Hersh,

Nowcasting Firm Performance and Data Breaches Using API Data Seth Gordon Benzell, Jonathan Hersh,

Nowcasting Firm Performance and Data Breaches Using API Data Seth Gordon Benzell, Jonathan Hersh, Guillermo Lagarda & Marshall Van Alstyne MIT IDE, Chapman University, IADB, Boston University Funding by Accenture, Apigee & Mulesoft is

478 views • 33 slides
The Notifiable Data Breaches Scheme Presented by: Jacques Nel Senior Solicitor at NECA Legal

The Notifiable Data Breaches Scheme Presented by: Jacques Nel Senior Solicitor at NECA Legal

The Notifiable Data Breaches Scheme Presented by: Jacques Nel Senior Solicitor at NECA Legal This presentation is for information only and not legal advice The NDB Scheme - Introduction The NDB Scheme Part IIIC of Privacy Act 1988 (Cth)

691 views • 20 slides
Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks

Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks

AUGUST 25, 2015 Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks Tyler Gerking, Partner David B. Smith, CPCU, ARM, Insurance & Risk Management Consultant What is Cyber Insurance?

368 views • 10 slides
Conflicts in Patent Prosecution: Avoiding the Ethical Pitfalls Minimizing Risks of Malpractice

Conflicts in Patent Prosecution: Avoiding the Ethical Pitfalls Minimizing Risks of Malpractice

Presenting a live 90-minute webinar with interactive Q&A Conflicts in Patent Prosecution: Avoiding the Ethical Pitfalls Minimizing Risks of Malpractice Liability and Ethics Sanctions THURSDAY, JUNE 22, 2017 1pm Eastern | 12pm Central

395 views • 38 slides
https://xkcd.com/838/ Data Breaches This years study analyzed 524 breaches that occurred

https://xkcd.com/838/ Data Breaches This years study analyzed 524 breaches that occurred

https://xkcd.com/838/ Data Breaches This years study analyzed 524 breaches that occurred between August 2019 and April 2020, in organizations of all sizes, across 17 geographies and 17 industries. The 2020 Cost of a Data Breach

289 views • 17 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
Project Contract Variations: Mitigating Risks of Cost Overruns, Scope Creep and Breaches in

Project Contract Variations: Mitigating Risks of Cost Overruns, Scope Creep and Breaches in

Presenting a live 90-minute webinar with interactive Q&A Project Contract Variations: Mitigating Risks of Cost Overruns, Scope Creep and Breaches in Delivery Obligations WEDNESDAY, MAY 25, 2016 1pm Eastern | 12pm Central | 11am

370 views • 24 slides
Using Data from Breaches What is Users Level of Comfort? Sowmya Karunakaran, Google Let's start

Using Data from Breaches What is Users Level of Comfort? Sowmya Karunakaran, Google Let's start

SOUPS 2018 Using Data from Breaches What is Users Level of Comfort? Sowmya Karunakaran, Google Let's start with a pop quiz... Roughly, how many online accounts have been compromised through data breaches? 5,371,008,023 SOURCE:

1.03k views • 18 slides
Financing In-Transit Inventory: Legal Risks to Lenders Legal Risks to Lenders Structuring

Financing In-Transit Inventory: Legal Risks to Lenders Legal Risks to Lenders Structuring

presents presents Financing In-Transit Inventory: Legal Risks to Lenders Legal Risks to Lenders Structuring In-Transit Financing to Protect Lenders From the Risk of Borrower Insolvency A Live 90-Minute Teleconference/Webinar with Interactive

290 views • 25 slides
The Theory of the firm What is a firm ? How does a firm behave? A firm should transform

The Theory of the firm What is a firm ? How does a firm behave? A firm should transform

The Theory of the firm What is a firm ? How does a firm behave? A firm should transform efficiently inputs into outputs. The objective of the firm is to maximize its profit. BUT manager and owners can have different objec- tives

586 views • 11 slides
Overview Malpractice issues Suicide Risk Assessment and Malpractice Prevention Suicide

Overview Malpractice issues Suicide Risk Assessment and Malpractice Prevention Suicide

Overview Malpractice issues Suicide Risk Assessment and Malpractice Prevention Suicide risk factors Suicide assessment Suicide in diagnoses Phillip J. Resnick, MD Video exercise Professor of Psychiatry Case Western

413 views • 10 slides
Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US

Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US

Data Awareness: Privacy and Safety First half of 2019 saw 3800+ publicized data breaches in US 142 privacy breaches in Alberta this year as of Aug 21 2019: https://www.oipc.ab.ca/decisions/breach-notification-decisions.aspx Digital Se Digital

78 views • 3 slides
Sid Shetye CEO & Founder sid@crypteron.com 858-342-1617 The Problem Data breaches 2

Sid Shetye CEO & Founder sid@crypteron.com 858-342-1617 The Problem Data breaches 2

1 Sid Shetye CEO & Founder sid@crypteron.com 858-342-1617 The Problem Data breaches 2 $$$ Compliance fines, Customer goodwill, Lawsuits, Lights out Basically, anyone building connected apps should be concerned Stages of a data

432 views • 15 slides
How to grow your law firm through ethical legal marketing Emma Raimi-Zlatic Affinity Program

How to grow your law firm through ethical legal marketing Emma Raimi-Zlatic Affinity Program

How to grow your law firm through ethical legal marketing Emma Raimi-Zlatic Affinity Program Manager at Clio JD from the University of Houston Law Center Founded an Attorney Recruiting Company Agenda State of law firm marketing

628 views • 44 slides
APPEAL BEFORE CIT(APPEALS) APPEAL BEFORE CIT(APPEALS) APPEALABLE ORDERS, PROCEDURE IN

APPEAL BEFORE CIT(APPEALS) APPEAL BEFORE CIT(APPEALS) APPEALABLE ORDERS, PROCEDURE IN

APPEAL BEFORE CIT(APPEALS) APPEAL BEFORE CIT(APPEALS) APPEALABLE ORDERS, PROCEDURE IN APPEALABLE ORDERS, PROCEDURE IN APPEAL, ADDITIONAL EVIDENCE, APPEAL, ADDITIONAL EVIDENCE, APPEAL, ADDITIONAL EVIDENCE, APPEAL, ADDITIONAL EVIDENCE,

1.03k views • 34 slides
T29 - Property Taxes: How to Manage and Minimize HOW ALMA BLACKWELL CAME TO PAY NO PROPERTY

T29 - Property Taxes: How to Manage and Minimize HOW ALMA BLACKWELL CAME TO PAY NO PROPERTY

T29 - Property Taxes: How to Manage and Minimize HOW ALMA BLACKWELL CAME TO PAY NO PROPERTY TAXES I was sitting at my desk one day in 2004 , reading the Infolink when, after I finished reading the article, a light bulb came on! The

333 views • 20 slides
LEASE EXTENSIONS PRESENTATION TO OWNERS OF MARINERS WALK MARINERS WALK AGM 30 th JULY 2012

LEASE EXTENSIONS PRESENTATION TO OWNERS OF MARINERS WALK MARINERS WALK AGM 30 th JULY 2012

LEASE EXTENSIONS PRESENTATION TO OWNERS OF MARINERS WALK MARINERS WALK AGM 30 th JULY 2012 David Robson MA(Oxon) MSc MRICS Tom Merralls (LLB) Solicitor Why should I extend my lease? Valuation and legal services How do we progress

622 views • 23 slides
Kent Housing Group: Future Funding of Housing 1 Help to Deliver Housing Dramatic cutbacks in

Kent Housing Group: Future Funding of Housing 1 Help to Deliver Housing Dramatic cutbacks in

Kent Housing Group: Future Funding of Housing 1 Help to Deliver Housing Dramatic cutbacks in the availability of grants and funding to build and develop socially focused property Government policy has also placed restrictions to cap

291 views • 15 slides
Business Continuity Seeing your firm through Covid 19 DG Legal Webinar March 2020 Matt Howgate

Business Continuity Seeing your firm through Covid 19 DG Legal Webinar March 2020 Matt Howgate

Business Continuity Seeing your firm through Covid 19 DG Legal Webinar March 2020 Matt Howgate House-keeping Please ensure that you have muted your microphone during this seminar. At certain points we will invite questions. At that point

328 views • 19 slides
Custom Writing Service - Special Prices Critical thinking in college nursing ppt presentation

Custom Writing Service - Special Prices Critical thinking in college nursing ppt presentation

Custom Writing Service - Special Prices Critical thinking in college nursing ppt presentation Improve creative writing pictures critical thinking challenges journals ? research paper on drug addiction and abuse purchase research paper sentiment

463 views • 3 slides
Abandonment Case WAB17-0003 Washoe County Planning Commission July 5, 2017 L URIE L ANE 1

Abandonment Case WAB17-0003 Washoe County Planning Commission July 5, 2017 L URIE L ANE 1

Abandonment Case WAB17-0003 Washoe County Planning Commission July 5, 2017 L URIE L ANE 1 20 Lurie Lane (APNs 222-060-29, 30, & 31) 1/3-mile west of Lakeside Drive High Density Rural 3 parcels totaling 7.5 acres (2.5

269 views • 14 slides
WORKING FOREST CONSERVATION EASEMENTS An Introduction Wisconsin Council on Forestry September

WORKING FOREST CONSERVATION EASEMENTS An Introduction Wisconsin Council on Forestry September

Samuel J. Radcliffe, Vice President WORKING FOREST CONSERVATION EASEMENTS An Introduction Wisconsin Council on Forestry September 27, 2012 Stevens Point, WI Overview Introduction What are WFCEs? Who is involved? How do

926 views • 17 slides

More recommend