Excerpt: It was more than a year ago that the 3,600-lawyer global megafirm DLA Piper was brought to its knees by a data breach in June of 2017. One of the questions we hear most often when we lecture is, “If DLA Piper can be breached, how do the rest of us stand a chance of preventing a data breach?”
It’s a valid question. The reaction last year varied with the size of the law firm. Larger law firms focused a lot on purchasing or increasing their cyberinsurance coverage after the DLA Piper story made the headlines. They also amped up their security measures, and pried open their wallets to create stronger defense-in-depth strategies.
The smaller firms also began spending more money on cybersecurity, many of them now awakened to the dangers of a breach. From our foxhole, small to mid-size firms particularly began to focus on employee cybersecurity awareness training, newly aware that their greatest asset (their employees) is also their greatest risk. Since 2017, cybersecurity awareness training has been the CLE that we have most often been asked to present.