14141 Farmington Rd, Livonia, MI 48154

12 Takeaways from the ABA Cybersecurity Report

One in four law firms have had a data breach.

First the bad news: 25 percent of law firms say they’ve experienced a data breach.

Now the good news: only seven percent say the breach resulted in unauthorized access to sensitive client data.

Those two findings come from the ABA 2021 Legal Technology Survey Report.

“Law firms are an attractive target for cybercriminals,” according to this article in Attorney at Work. “With a plethora of data about so many people and businesses, law firms are a one-stop-shop for harvesting a wealth of information.”

You can read the article Cybersecurity Trends, written by attorneys and officers from the cybersecurity firm Sensei Enterprises, in Attorney at Work here.

Are you taking advantage of the valuable resources available through the Alta Pro Risk Purchasing Group (RPG)? If not, register here and start enjoying the benefits. When your law practice has professional liability coverage through Alta Pro Insurance, you’re automatically enrolled in the RPG. Among the benefits: free, cutting-edge CLE webinars featuring top experts tackling timely topics; the Pro Practice Playbook; the Pro Practice Blog; Reminger’s ProLink risk management assistance; Reminger’s Claim Repair Hotline; discounts on CLIO practice management software; and access to the Risk Pro, who can help keep your firm safe and successful. Stay ahead of the curve with Alta Pro Risk Purchasing Group.

  1. Reported consequences of data breaches include: downtime/loss of billable hours (36 percent); consulting fees for repair (31 percent); destruction or loss of files (13 percent); replacement of hardware/software (18 percent).
  2. Sixty-four (64) percent of firms reported no significant business disruption or loss from a breach.
  3. Twenty-four (24) percent of firms that had a breach said they notified a client or clients of the breach. (Note: ABA Formal Opinion 483 addresses the duty to notify clients under Model Rule 1.4).
  4. Fourteen (14) percent of firms that experienced a breach reported that they gave notice to law enforcement; this ranged from 13 percent for solos to 70 percent for firms with 500 or more lawyers.
  5. Twenty-nine (29) percent of firms reported a cyber virus infection.
  6. Forty-two (42) percent of attorneys have cyber liability insurance coverage. That figure has been steadily increasing in recent years. In addition to providing protection for third-party losses, cyber policies typically cover first-party losses to the law firm like lost productivity, data restoration, and legal expenses.
  7. Eighty (80) percent of solo practitioners say they have primary responsibility for the security of their firms. Larger firms are more likely to have n-house IT resources.
  8. Thirteen (13) percent of firms with 100-499 attorneys and 16 percent with 500 or more attorneys have a chief security officer.
  9. A slim majority of firms (53 percent) have a written data protection policy. Sixty percent have an email usage policy; 56 percent have an internet usage policy;  57 percent have a computer “acceptable use” policy; 56 percent have a remote access policy; 48 percent have a social media policy; 32 percent have a policy for personal device usage.
  10. Twenty-five (25) percent of attorneys either have no cyber security procedures or don’t know if their firm does.
  11. Thirty-six (36) of firms say they have an Incident Response Plan (IRP). Only 12 percent of solos have one, but 80 percent of firms with 100 or more attorney have one.
  12. Human behavior is involved in 82 percent of data breaches. This risk can be minimized through security awareness training.

Sources: “Cybersecurity 2021” summary of the ABA’s 2021 Legal Technology Survey Report by David G. Ries; “Shadow IT Is a Serious Threat for Law Firms,” by Mike Maschke, Sharon Nelson and John Simek; Cybersecurity Trends, Attorney at Work.

Few areas of the law are changing more rapidly than Cannabis Law. Legal and ethical issues regarding marijuana (medical and adult-use), hemp and CBD touch on practically every area of the law: from litigation and contracts, to licensing and zoning, to business formation and insurance. Having a working knowledge of the basics is essential. Plan now to attend the free, one-hour, live CLE webinar “Basics of Cannabis Law: Chapter One” on March 30, 2022 at 12 noon CST. This webinar features two of the most experienced, knowledgeable and impactful lawyers in the U.S. on cannabis law: Lisa L. Pittman, chair of the American Bar Association Cannabis Law & Policy Committee, whose pioneering efforts led the ABA to formally embrace this emerging practice area; and Khurshid Khoja, chair of the National Cannabis Industry Association, the country’s oldest and largest cannabis trade organization. The course will highlight key substantive topics, address ethical concerns, offer best practices for risk management, and identify ethical concerns. It will also give you online links and key resources for your continuing education. This free, one-hour webinar is the latest in Alta Pro’s ongoing series of cutting-edge CLE programs. Register here.

Share the Post:

Related Posts

Get with the RPG program!

Join our mail list. Free, cutting-edge CLE webinars on hot topics from Cannabis Law to Emerging Cyber Threats.