Wednesday, November 20, 2013

Law Firm Information Security -- UK Edition


Two interesting updates on law firm information security in the UK:

Government surveillance threatens law firms’ cloud data security, regulator warns
  • "Widespread data snooping by the US National Security Agency (NSA), as revealed by whistle-blower Edward Snowden, could threaten the security of cloud computing for law firms acting in confidential merger negotiations, the Solicitors Regulation Authority (SRA) has warned."
  • "In a detailed paper on the risks associated with cloud computing, Silver Linings: cloud computing, law firms and risk, the authority concluded that due diligence over outsourcing data processing, such as cloud computing – the use of the internet to store data remotely – should take into account government surveillance as a risk factor."
  • "The authority highlighted confidential merger negotiations conducted by a law firm as potentially at risk from NSA spying activities, which it said were rumoured to have led to data 'being passed to commercial organisations for business advantage', although that had been officially denied. 'With the heightened need for confidentiality of law firms, this represents a challenge to their ability to use cloud services,' it said."
UK Law Firms Less Prepared Than Other Sectors For Cyber Attacks, But Can Mitigate Risk, Survey Says --
  • "Law firms are in a unique—and perhaps precarious—position when it comes to cyber security. They not only have to protect their own electronically stored information, but they have a responsibility to protect the information of their clients as well. Are law firms doing enough? According to a recent survey of UK law firms, while 68 percent of law firm employees think firms are a likely target, only 35 percent have a response plan in place for an attack."
  • "'Locked down? A Closer Look at the Rise of Cyber Crime and the Impact on Law Firms' was produced by Legal Week in association with digital security firm Stroz Friedberg. Views of more than 370 senior business people were collected for the report, almost half of which worked in the legal profession."
  • "'The failure of UK law firms to tackle online security is leaving clients increasingly vulnerable to attacks,' Seth Berman, executive managing director of Stroz Friedberg, said in the report. “As custodians of clients’ intellectual property and commercially sensitive information, law firms are particularly attractive to hackers.'"
  • See also: video summary and discussion of the report.

No comments:

Post a Comment