‹ All episodes

May the Record Reflect

17: Can You Hack It? Protecting Electronic Client Data, with Helen Geib and BJ Moore

April 06, 2021 National Institute for Trial Advocacy Episode 17
May the Record Reflect
17: Can You Hack It? Protecting Electronic Client Data, with Helen Geib and BJ Moore
Info
May the Record Reflect
17: Can You Hack It? Protecting Electronic Client Data, with Helen Geib and BJ Moore
Apr 06, 2021 Episode 17
National Institute for Trial Advocacy

In Episode 17 of “May the Record Reflect,” we’re talking about cybersecurity for law firms: why it’s important, how to prevent hackers from accessing your clients’ electronic data, what to do if it happens, and what ethics canons have to say about it. Patent attorney and e-discovery expert Helen Geib and technologist BJ Moore share their tips to help you manage this important and often overlooked aspect of law firm management.  

Topics

4:00     Why law firms are a rich target for cyberhackers
7:45     How our computers are hacked
10:15  Security issues raised by working remotely
11:12  VPN security via cell phone
12:23  Whether hackers can gain access via phone apps
13:20  Cell phone security
14:30  What to do if your system has been hacked
16:00  Lawyer’s obligations around client data security
18:30  Range of consequences of a data breach
19:40  Technical know-how and legal malpractice
20:20  Court decisions in data breaches
27:33  ABA Formal Op. 483 highlights
32:12  Ethics rules touching on data security
34:27  General liability insurance versus cyber insurance coverage
36:26  Basic preventative measures against hacking
40:50  Steps to take after a data breach
42:45  Top-of-the-line “wish list” practices
45:27  Signature signoff question


Quotes

“There’s a general recognition that there are two pieces to tech competence for lawyers: one is education and lawyers raising the level of their own understanding of security and using basic security practices. The other is to recognize the limits of our own knowledge and to associate with experts and people who really understand this area so that they can help us in the areas we didn’t go to law school for.” (Helen Geib)

“Cybercriminals are considered terrorists, so [if you pay a ransom] you’re technically financing a terrorist organization, which is against federal law. You also don’t want it to be profitable for them because as long as it’s profitable, they’re going to keep doing it. The more people pay, the more they’re going to want to do it.” (BJ Moore)
 

Recommended Resources
Helen Geib, Hoover Hull Turner

BJ Moore, Right Hand IT Solutions

FBI Internet Crime Compliance Center IC3

A Guide to Law Firm Cybersecurity Risks & Ethical Compliance

ABA Formal Op. 483

Cyberattacks Have Become Commonplace – Know the Ethics of Prevention and Response

What Is Cyber Insurance? Do You Need It? 

Millard v. Doran, No. 153262/2016 (Sup. Ct. N.Y. Cty.)

Wengui v. Clark Hill, PLC, (D.D.C. Feb. 20, 2020)

Hiscox Ins. Co., Inc. v. Warden Grier, LLP, 474 F. Supp.3d 1004 (W.D. Mo. 2020)

 

Share
Apple Podcasts Spotify Overcast Stitcher TuneIn + Alexa Castro +
Show Notes

In Episode 17 of “May the Record Reflect,” we’re talking about cybersecurity for law firms: why it’s important, how to prevent hackers from accessing your clients’ electronic data, what to do if it happens, and what ethics canons have to say about it. Patent attorney and e-discovery expert Helen Geib and technologist BJ Moore share their tips to help you manage this important and often overlooked aspect of law firm management.  

Topics

4:00     Why law firms are a rich target for cyberhackers
7:45     How our computers are hacked
10:15  Security issues raised by working remotely
11:12  VPN security via cell phone
12:23  Whether hackers can gain access via phone apps
13:20  Cell phone security
14:30  What to do if your system has been hacked
16:00  Lawyer’s obligations around client data security
18:30  Range of consequences of a data breach
19:40  Technical know-how and legal malpractice
20:20  Court decisions in data breaches
27:33  ABA Formal Op. 483 highlights
32:12  Ethics rules touching on data security
34:27  General liability insurance versus cyber insurance coverage
36:26  Basic preventative measures against hacking
40:50  Steps to take after a data breach
42:45  Top-of-the-line “wish list” practices
45:27  Signature signoff question


Quotes

“There’s a general recognition that there are two pieces to tech competence for lawyers: one is education and lawyers raising the level of their own understanding of security and using basic security practices. The other is to recognize the limits of our own knowledge and to associate with experts and people who really understand this area so that they can help us in the areas we didn’t go to law school for.” (Helen Geib)

“Cybercriminals are considered terrorists, so [if you pay a ransom] you’re technically financing a terrorist organization, which is against federal law. You also don’t want it to be profitable for them because as long as it’s profitable, they’re going to keep doing it. The more people pay, the more they’re going to want to do it.” (BJ Moore)
 

Recommended Resources
Helen Geib, Hoover Hull Turner

BJ Moore, Right Hand IT Solutions

FBI Internet Crime Compliance Center IC3

A Guide to Law Firm Cybersecurity Risks & Ethical Compliance

ABA Formal Op. 483

Cyberattacks Have Become Commonplace – Know the Ethics of Prevention and Response

What Is Cyber Insurance? Do You Need It? 

Millard v. Doran, No. 153262/2016 (Sup. Ct. N.Y. Cty.)

Wengui v. Clark Hill, PLC, (D.D.C. Feb. 20, 2020)

Hiscox Ins. Co., Inc. v. Warden Grier, LLP, 474 F. Supp.3d 1004 (W.D. Mo. 2020)