Legal departments for business organizations rate cybersecurity, regulation and ethics compliance among their chief concerns, and they are well aware of surveys showing law firms to be the “soft underbelly” of business security due to weakness of their cybersecurity. Lawyers and law firms are often behind trends but very good at playing catch-up. In the area of cybersecurity, the American Bar Association’s Model Rules of Professional Conduct can help serve as a guide.
The Model Rules are drafted by and for lawyers and, yes, they include lots of flexibility (read, wiggle room) with expressions of “reasonableness.” But these rules express a commitment to improve awareness and competence in technology usage.