Ride the Lightning

Why Do 62% of Law Firms Fail to Conduct Incident Response Tabletop Exercises?

December 14, 2021

Law.com reported on December 10 some interesting stats from ILTA’s 2021 Technology Survey. 62% of law firm respondents said their firm didn’t conduct incident response tabletop exercises. I would think that, when advising clients, they certainly would advise them, strongly, to conduct such exercises.

Why don’t they practice what they preach? I haven’t a clue.

82% of those who do tabletop exercises said their IT or cybersecurity department was involved (I would certainly hope so). 60% said the firm’s management or executive committee participates (that should of course be 100%). Apparently, the thought is that those people are too busy.

They might consider how busy they will be after a data breach. It’s a good motivation for taking a day to engage in preparation for such a disaster. Chief financial officers are critical at such meetings – they are the ones who are charged with finding cryptocurrency if a ransom is to be paid. They also know, presumably, what their firm’s cyberinsurance will cover.

All departments of a law firm should be represented at an incident response tabletop exercise. Each will have a role following a data breach – from HR to public relations to marketing.

What happens when (heaven forbid) there are no Incident Response Plans? Utter chaos. Been there, seen that. But failure to conduct incident response tabletop exercises in absolutely going to result in some level of chaos because no IRP survives first contact with the enemy.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson