Law firms are increasingly concerned about potential liability stemming from cybersecurity lapses—for good reason. According to the American Bar Association’s Cybersecurity Legal Task Force, about 80 percent of the largest 100 law firms in the United States were victims of data breaches in 2011. To address these concerns, law firms enact firewalls, educate personnel and maintain protocols. But that doesn’t deter hackers, who target the weakest part of a firm’s security system, searching for a point of access. For many firms, access is through an outside vendor that has a data connection with the firm’s network but fails to practice the same level of cyberhygiene.
The Target Corp. breach in 2013 was a wake-up call for businesses regarding the efficacy of cybersecurity prevention. Target took many precautions in protecting its own systems from cyberintruders. But it also permitted data connections between vendors and Target’s networks. Hackers were able to infiltrate Target’s systems by exploiting the vulnerability of a third party vendor. A simple phishing email to that vendor provided hackers direct access to one of the country’s largest retailers—and the credit card numbers of its customers.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]