Cybersecurity

Cybersecurity Law & Strategy

Avoid Making Tech Decisions In Crisis Mode

Tomas Suros

Some law firms are realizing that the hasty, though necessary, decisions made to facilitate remote work should be revisited or undone. Many of the tools implemented in an emergency are insufficient to withstand the increasing cybersecurity threats law firms are facing today. The good news, though, is that it’s not too late to implement the right tech to protect your firm.

Read More ›

Cybersecurity Law & Strategy

Why Collaborate: The Future of Legal Services Is Human

Joey Seeber

It is no surprise that in this environment many lawyers are prioritizing qualitative factors, such as work-life balance and feeling appreciated and recognized at work, rather than compensation alone when choosing where to work. Why is it no surprise? Because many of their employers began valuing quality over quantity with their ALSPs years ago. And this shift might do even more for your organization.

Read More ›

Cybersecurity Law & Strategy

A Compliance Briefing for Privacy Officers on the New Canadian Consumer Privacy Protection Act

John Beardwood and Shan Arora

Part Two In a Series
Part One of this series introduced the history of Canada’s recently introduced Consumer Privacy Protection Act and reviewed the similarities with GDPR, such as data portability, the right not be forgotten, codes of practice, and a safe harbor provision. Part Two analyzes the new compliance requirement of valid consent.

Read More ›

Cybersecurity Law & Strategy

New Technologies Make for a Shifting Definition of ‘Technical Competence’

Tinamarie Feil

While new and/or improving technologies may be challenging, they likely also present new opportunities which can facilitate delivering the best services at the best cost. Some solutions can be handled directly by law firms — but others will require the courts to approve, and, perhaps, even change of procedures to get with the times.

Read More ›

Cybersecurity Law & Strategy

Franchisors and Franchisees Make for Easy Cyber Targets

Marc Lieberstein and Raymond Aghaian

We are increasingly hearing about security breaches, data leaks and other kind of data theft in the franchise world. This is because frequently the franchise systems operate as a connected mass of franchisees all of whom collect, store and transmit a diverse array of consumer and personal data to the franchisor. In other words, franchisors and franchisee make a nice easy target for cyber theft.

Read More ›

Cybersecurity Law & Strategy

Jurisdictional License Requirements and Disparate Laws Are Hindering Law Firms’ Fight Against Cybercrime

Isha Marathe

Some cybersecurity experts think the structure of law in the U.S. itself means that truly fighting against growing threat actors is a losing game. Take, for example, the fact that attorneys are largely limited by jurisdictional licensure requirements. While on the other hand, bad actors are often organized, unsaddled by jurisdictional challenges, and able to function as a large decentralized group.

Read More ›

Cybersecurity Law & Strategy

Will Other States Follow NY’s Lead on Requiring Cybersecurity CLE?

Cassandre Coyer

New York has become the first state to add a requirement mandating that lawyers take legal education courses in cybersecurity, privacy and data protection. As cyberthreats will likely continue to both grow and evolve in sophistication, attorneys expect this requirement to be only a first step, with more states likely to soon follow.

Read More ›

Cybersecurity Law & Strategy

Text Messages In E-Discovery

David Horrigan

This article looks beyond conspiracy theories and Secret Service slip-ups — or subterfuge, depending on one’s perspective — to take a look at the law and technology of texts in e-discovery.

Read More ›

Cybersecurity Law & Strategy

Data Rights, Data Duties, & Data Risks: The American Data Privacy and Protection Act

Rita W. Garry

While the ADPPA represents compromises between Democratic and Republican leadership of the U.S. Senate and House of Representatives, particularly around the thorny issues of state law preemption and private rights of action, there are other legislative and big tech industry players pushing their own agendas for comprehensive national data privacy and security frameworks.

Read More ›

Cybersecurity Law & Strategy

Not Just Your Same Old Privacy Legislation: A Compliance Briefing for Privacy Officers on the New Canadian Consumer Privacy Protection Act

John Beardwood and Shan Arora

Part One In a Series
This article, which reviews the Canadian Consumer Privacy Protection Act, first seeks to identify the delta between the Act and PIPEDA in order to allow privacy officers of organizations that are already PIPEDA compliant to identify the net new compliance requirements under the Act and second, to highlight the provisions of the Act which, if breached, could lead to the imposition of significant fines.

Read More ›

Load More 🔽

Cybersecurity Law & Strategy

Data Privacy and Security Considerations for Mobile Health App Developers and Their Counsel

Angela Matney

In light of the evolving legal and regulatory landscape, app developers and their counsel should examine developers’ privacy and security practices and take steps to safeguard sensitive data related to reproductive health.

Read More ›

Cybersecurity Law & Strategy

California’s Latest Privacy Rulemaking Proposes Further Obligations for Businesses

Kyle Fath, Alan Friel, Shea Leitch and David J. Oberly

While the the California Privacy Protection Agency kicked some of the more difficult issues down the road for further consideration, its first draft of proposed Regs is quite comprehensive with respect to the issues addressed. The authority for some of what is proposed is questionable and will likely be challenged in comments, if not judicial action, if such provisions become final.

Read More ›

Cybersecurity Law & Strategy

Proactively Tackling Unstructured Data Can Give Competitive Advantage

Rich Hale

Unstructured data comprises 80% of total data volume for legal organizations, which means that on average, only one-fifth of the entirety of the data set is properly secured and actively managed. Although some believe that ignoring unstructured data establishes plausible deniability that relinquishes them from culpability when a breach occurs, it’s an untenable position from both a regulatory and brand reputational perspective.

Read More ›

Cybersecurity Law & Strategy

Cloud-Based Discovery Is at Critical Mass: A Practical Approach

Kenneth Spencer

Part Two of a Two-Part Series
Cloud technology use in discovery is inevitable. Fortunately, one of the inherent benefits of cloud discovery platforms is the ability to spin up a proof of concept matter quickly to get your feet wet. This article provides a practical approach to making sure you’re ready for the cloud when the time comes.

Read More ›

Cybersecurity Law & Strategy

Online Accessibility and SEO

Sarah Brodsky

How can you make your user experience the best it can be for all potential clients, and lead with empathy and equity as you demonstrate your knowledge? That’s where your law firm’s SEO strategy comes into play.

Read More ›

Cybersecurity Law & Strategy

Traditional Legal Ops Putting Law Firms At Disadvantage When Recruiting for Cybersecurity and Privacy

Bruce Love and Patrick Smith

Law firms are still insisting on engaging with clients in the traditional legal model — by hours billed. Whereas cybersecurity services such as breach monitoring have the potential for a much deeper and stickier relationship with the client.

Read More ›

Cybersecurity Law & Strategy

Dealing With Deleted, Unsent and Edited ESI

Kim Beight Kelly

While text messages and email have the appearance of reliability, technological advances have, over time, rendered many digital communications less static and more open to manipulation.

Read More ›

Accounting And Financial Planning For Law Firms

How to Manage 6 Risks Affecting Cybersecurity for Law Firms

Chris Mangano and Edward Keck, Jr.

Cybercriminals are increasingly targeting law firms; extortion is quickly realized, given the nature of highly confidential client data. The digital footprint of law firms is constantly expanding, leading to more entrances to a firm’s network infrastructure, which is a direct gateway to data.

Read More ›

Marketing The Law Firm

6 Risks Affecting Cybersecurity for Law Firms

Chris Mangano and Edward Keck, Jr.

We are all “custodians of data.” Law firms specifically are stewards of some of the most sensitive information stored and shared; a fact that doesn’t elude nefarious cybercriminal syndicates. Below are some of the top cybersecurity risks affecting law firms.

Read More ›

Cybersecurity Law & Strategy

Redefining Attorney-Client Collaboration with Technology That Delivers Greater Value

David Carns

If savvy law firm attorneys haven’t done so yet, they should take this time to adjust their expectations and increase their comfort levels with new technologies, processes, and workflows. Going forward, their clients will expect the emphasis to be on relationships and outcomes, not billable hours.

Read More ›

Cybersecurity Law & Strategy

Cloud-Based Discovery Is at Critical Mass: Here’s Why

Kenneth Spencer

Part One of a Two-Part Series
The legal industry today is experiencing a massive uptick in cloud-based discovery. The shift to remote and hybrid work and changing attitudes toward the cloud are significant factors in the movement to widespread adoption of cloud-based discovery. This article explains the momentum behind the rise of cloud-based discovery and the business reasons why companies will have to embrace it.

Read More ›

Cybersecurity Law & Strategy

The Changing Face of Incident Response

Larry Gagnon

A good incident response program helps firms affected by a cyberattack identify potential damage to their reputation, their regulatory obligations for reporting and issuing notifications, and the potential for future litigation.

Read More ›

Cybersecurity Law & Strategy

Cyber Insurance Experiencing Future Shock

Barry M. Miller and Elisabeth Gentile

Insurers who write cyber liability policies are well-equipped to manage cyber claims, but what about carriers and adjusters who face such claims under more traditional policies — also known as “Silent Cyber?” This article aims to help non-cyber risk adjusters who may have to oversee such a claim.

Read More ›

Cybersecurity Law & Strategy

7 Keys to Managing Tech and Service Company Partnerships

David Cochran

Partnerships play a key role in today’s legal marketplace. Typically, one supplier partners with a law firm and/or corporate legal department to provide…

Read More ›

Cybersecurity Law & Strategy

California ‘Right to Know Act’ Sets Off Alarm Bells Ring for Privacy Experts

Isha Marathe

While state data privacy legislation is picking up across the U.S., a California bill that recently passed the State Senate and has remained largely under the radar, has some privacy experts raising alarm bells.

Read More ›

Cybersecurity Law & Strategy

Legal Tech: Can Claiming Incompetence Save You from Spoliation Sanctions?

Eric P. Mandel

A recent opinion in Illinois raises the question of whether spoliating parties should be encouraged to present the following defense at trial: “Ladies and gentlemen of the jury, yes the main evidence of this case has been destroyed, but it’s only because my client and my law firm are completely incompetent when it comes to preserving electronic evidence.”

Read More ›

Cybersecurity Law & Strategy

Enforcement Update: U.S. Courts Demonstrate Reluctance to Extend Application of Chinese Data Security and Privacy Laws In Civil Discovery

Jeff Pade and Lindsey Dieselman

Two recent Chinese laws — the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) — include provisions aimed at restricting the cross-border transfer of China-based data foreign enforcement and judicial authorities. U.S. courts have not yet addressed whether these data protection and privacy laws could bar the production of documents in civil contexts involving governmental litigants or in criminal proceedings.

Read More ›

Cybersecurity Law & Strategy

Mitigating Risks at Professional Service Firms Using Artificial Intelligence

Brian P. Piatek

Truly malicious internal threats can often be treated much like external threats using the tools and backups already in place. But how does a firm proactively identify the softer threats — which may be just as dangerous as the malicious threats and can cripple a firm just as effectively?

Read More ›

Cybersecurity Law & Strategy

The Anatomy of a Supply Chain Cyberattack

Brian Schmitt and Abeer Abu Judeh

Mitigating Its Risks and the Call for Standardization of Software Development Security Protocols
This article details the anatomy of a supply chain cyberattack, explores the existing state of supply chain protective contractual terms, and proposes actionable steps with a collective approach to guide legal professionals through their precarious endeavors.

Read More ›

Cybersecurity Law & Strategy

We Must Never Let our Cyber Guard Down

Emil Sayegh

When cyber defenses work, there is a human tendency to become complacent. If you fall into this perception trap, you will quickly find yourself in survival mode — scrambling to restore and recover, and in a position where the best explanation was that the attack was somehow “unexpected.” The global cyberthreat is also still very real.

Read More ›

Cybersecurity Law & Strategy

Crypto Asset Legal Difficulties

Jonathan Bick

Exploring crypto assets is akin to visiting the Land of Oz. Outwardly, both seem dazzling, foreign and off-color. However, by removing the technological blinders, equivalent to the emerald glasses worn by the citizens of the Emerald City, attorneys will likely understand that they know all they need to integrate crypto assets into their practice.

Read More ›

Cybersecurity Law & Strategy

Under Shared Responsibility Cloud Model, Data Owners Retain Control of Access and Data

Catherine Castaldo, Therese Craparo and Christine Gartland

From a legal perspective, the cloud introduces a unique shared responsibility model that many businesses are only now coming to appreciate; specifically, although the cloud provider may house the data and provide functionality for access and data security controls, the legal obligations remain the responsibility of the business procuring these services.

Read More ›

Cybersecurity Law & Strategy

Legal Tech: E-Discovery Case Spotlight: Custody and Control of Text Messages and Adverse Jury Instructions on Spoliation

Philip Favro

New e-discovery cases continue to proliferate, spotlighting key trends regarding the handling of ESI in litigation.

Read More ›

Business Crimes Bulletin

Individual Liability and Criminalizing Cybersecurity Response

Jonathan S. Sack and Christopher M. Hurley

To date, cybersecurity has generally been viewed as an organizational responsibility, and data breaches similarly have been treated as organizational weaknesses or failures. Against this backdrop of organizational responsibility, the Department of Justice has brought a noteworthy criminal case against an individual for his personal response to a corporate data breach.

Read More ›

Cybersecurity Law & Strategy

The Slack Explosion: Convenient Yet Complicated, Part 2

Elizabeth Pollock-King

Best Practices to Simplify Future E-discovery
Part Two of a Two-Part Series
Just as the legal industry had to scramble to figure out how to handle email and other electronic documents a couple decades ago, e-discovery practices must once again shift to account for the realities of business being conducted via chat and the massive amounts of new types of data that chat platforms generate.

Read More ›

Cybersecurity Law & Strategy

The Importance of ISO Certification for Law Firms

Sue Pellegrino

ISO certification is not just a critical way to ensure your firm’s security; it’s increasingly important for any firm that wants to maintain a competitive advantage in today’s legal market.

Read More ›

Cybersecurity Law & Strategy

Metaverse Raises Privacy and Cybersecurity Concerns

Oriana Alexander, Wail Jihadi and Bryan Parker

The Metaverse will be the next version of the Internet that provides an immersive virtual experience. For now, the extent to which Metaverse technology will be integrated into our physical world remains unknown. This raises new concerns about data privacy, cybersecurity, new cybercrimes and constitutional issues.

Read More ›

Cybersecurity Law & Strategy

E-Commerce Sellers Should Be Preemptive to Mitigate Effects of Account Suspensions for IP Infringement

Jonathan Bick

E-commerce channel providers’ suspension of sellers’ accounts associated with alleged intellectual property infringement is fast, and suspension remediation is time-consuming and costly. Consequently, e-commerce sellers should contemplate pre-emptive legal and business arrangements to ameliorate potential e-commerce account suspensions consequences.

Read More ›

Cybersecurity Law & Strategy

Cybersecurity Concerns Grow In Russia’s War

James Carstensen

After a raft of debilitating Western sanctions on Russia and the exodus of global firms from Moscow, Russia-originating cyber attacks are a growing concern among law firms, as the war delivers the loudest reminder yet to both firms and their clients that they must be prepared.

Read More ›

Cybersecurity Law & Strategy

Moving from Unstructured to Structured Data

Jeff Cox

Data is everywhere. From the Zoom calls you’re on, to the emails you send, the documents you work on, and the legal system you interact with, unstructured data is inherent in everything law firms and legal departments do. To make the most of this growing gold mine of data, law firms and legal departments must invest in better structuring of their data.

Read More ›

Cybersecurity Law & Strategy

Ninth Circuit Allows Data Scraping from LinkedIn

Marianna Wharry

The Ninth Circuit reaffirmed data analytics company hiQ Labs Inc.’s ability to scrape publicly available data from LinkedIn’s platform despite the social media company’s claim that the data collected violated federal hacking laws.

Read More ›

Cybersecurity Law & Strategy

California Consumer Privacy Law Cases Climbing, and Not Just In California

Jessica Mach

Plaintiffs filed 145 lawsuits last year to enforce provisions under the CCPA, a 60% increase from 2020. Lawsuits alleging violations of the California law were also filed across the country, pending at one point in 33 courts across 20 states.

Read More ›

Cybersecurity Law & Strategy

You Won’t Know It When You See It: The Challenges of Fabricated Evidence in the Digital Age

John G. Browning and Jonathan Bailie

How significant is the threat of fabricated digital evidence that can alter the outcome of a case? In today’s wired workplace, it’s considerable.

Read More ›

Cybersecurity Law & Strategy

The Slack Explosion: Convenient Yet Complicated

Elizabeth Pollock-King

Part One of a Two-Part Series
The informality of chat culture not only makes chat data harder to search, it also results in huge volumes of a new kind of data that must be processed in unique ways before it can be reviewed.

Read More ›

Entertainment Law & Finance

Attorneys Forecast Legal Challenges In NFTs

Cedra Mayfield

As nonfungible tokens, or NFTs, continue to grow in popularity through cryptocurrency purchase, sale and trade online, opportunities for entertainment attorneys in the emerging industry also are booming. For this article, attorneys shared how they’re grabbing hold of NFT-related work and the challenges they foresee.

Read More ›

Cybersecurity Law & Strategy

Opportunities, Risks and Strategies In the Metaverse

Brandon Leahy and Chloe Delehanty

While it is still unknown how the metaverse will take shape lawyers advising brands should familiarize themselves with the opportunities it presents, the risks involved, and strategies to consider for enhancing and protecting a client’s brand.

Read More ›

Cybersecurity Law & Strategy

The Legal Difficulties of Blockchain Domain Names

Jonathan Bick

Blockchain domain names, a new set of domain names, are ripe for cryptocurrency legal abuse and generally not susceptible to traditional legal amelioration. A combination of legal, business and technological approaches is best used to address blockchain domain name legal difficulties.

Read More ›

Cybersecurity Law & Strategy

Keep Terms of Service and Privacy Notices Separate

Shawn Helms, David Saunders and David Sorenson

This article examines why terms of service and privacy notices should work in conjunction with one another, but also why it is not advisable to incorporate privacy notices into online terms of service.

Read More ›

Cybersecurity Law & Strategy

SEC Proposed Rules Include Disclosure of Cybersecurity Risk Assessment Strategy

Greg Andrews

Cybersecurity compliance, already an anxiety-inducing topic for many in-house counsel, is about to get even trickier. The SEC rolled out a host of proposed new cybersecurity rules for public companies.

Read More ›

Cybersecurity Law & Strategy

Legal Tech: Are Websites A Forgotten Source of Evidence?

Glenn Barden

It’s fascinating how quickly the industry has shifted from the days when e-discovery teams would spend weeks digitalizing and coding vellum, microfiche and paper documents to where we are today with dynamic and varied processes to deal with a plethora of electronic sources. Among these are websites, which can provide deep insights in discovery, but have been largely forgotten as a source of evidence.

Read More ›

Need Help?

Prefer an IP authenticated environment? Request a transition.
Need other assistance? email Customer Service or call 1-877-256-2472.

Most Popular Stories

Business Crimes Bulletin

The Regulators Are at the Gates: Significant New AML Legislation Nears Passage

Over the past few years, Congress and law enforcement have notably increased their scrutiny of companies’ anti-money laundering compliance, and it appears that Congress is not yet finished with its drive for additional legislation and regulation.

Read More ›

The Intellectual Property Strategist

When Are Short Phrases in Songs Protectable?

It’s a common fact pattern: A songwriter alleges that another songwriter has infringed the lyrics of Song A by using a similar short phrase, frequently a current slang phrase, in the lyrics of Song B. Claims like this do not often succeed because “words and short phrases such as names, titles, and slogans” are “not subject to copyright.”

Read More ›

Marketing The Law Firm

How to TOOT Your Own Horn: Exceptional Self Evaluations

It’s that time again. As the year comes to a close many firms are beginning the associate review process. Even if your firm does not have a formal review process I recommend that you write a self-evaluation that outlines your achievements and specifies your goals for the coming year.

Read More ›

Newsletters ›

Topics ›

Follow Us

Site Search

Law.com Subscribers SAVE 30%

Cybersecurity

Need Help?

Most Popular Stories

Latest Tweets

About Us

Topics

Newsletters

ALM Network