Company News
Sensei Pens Column For Above The Law
January 11, 2022
Above the Law featured Sensei article entitled “Your Law Firm Has Been Breached – Who are you going to Call” by Sharon Nelson, John Simek and Michael Maschke. This article is the third in a new monthly series entitled Cybersecurity: Tips From the Trenches with Sharon Nelson, Esq., John Simek and Michael Maschke of Sensei Enterprises. As noted authors and lecturers, Sharon, John and Michael speak on a variety of IT, Cybersecurity and Digital Forensics subjects. They lecture throughout North America and have been interviewed by TIME, ABC, NBC, CBS, CNN, Reuters, many newspapers and even Oprah Winfrey’s O magazine.
Excerpt
We’ve Had a Data Breach!
No lawyer wants to hear those words about their law firm. But across the country, those words have been repeated time and again. How often? The ABA’s 2021 Legal Technology Survey Report tells us that 25% of respondents said that their law firms had a breach “at some time.” That’s a big percentage. Most law firms are ill-prepared for responding to a data breach with only 36% reporting that they have an Incident Response Plan (IRP). Understandably, 80% of law firms with 100+ attorneys do have an IRP.
If you have no IRP, you are asking for a catastrophe – and one likely to make the headlines. Roll up your sleeves and get to work creating one. Then do regular tabletop exercises on the IRP, adding and subtracting issues (electric grid compromised, managing partner inaccessible on a safari, etc.). Make sure the IRP is accessible during a disaster – we saw one data breach where the IRP was only in electronic form and it got encrypted with all the other data by a ransomware attack. “Whoopsie-Daisy” doesn’t quite cover the extent of that debacle.