Legal Cybersecurity Tips and Secrets, Part I

Michael Andrew Iseri

Summary

  • Being vigilant and taking proactive measures to protect sensitive information are crucial in safeguarding lawyers’ and their clients’ sensitive information against an evolving landscape of cyber threats.
  • To do so, it is important to define these threats. Read on to learn about common cyberattack vectors to be alert for.

On March 22, 2021, the California Supreme Court significantly amended the Rules of Professional Conduct to address risks associated with technology use in legal practice. In particular, amendments to Rule 1.1 placed an obligation on attorneys to be aware of and understand risks associated with the use of technology in their legal practices, including cyber threats and cybersecurity issues.

Navigating Digital Threats: Attack Vectors and Exploit Areas

Being vigilant and taking proactive measures to protect sensitive information are crucial in safeguarding lawyers’ and their clients’ sensitive information against an evolving landscape of cyber threats. To do so, it is important to define these threats. Common cyberattack vectors to be alert for include the following:

  • Social engineering: This involves manipulative tactics to deceive individuals into revealing confidential information. Legal professionals must be aware of such attempts and exercise skepticism in their interactions.
  • Computer exploits: It is vital to stay informed about and protect against exploits that target computer vulnerabilities. Regular updates and security measures are essential in thwarting such attacks.
  • Risky attachments: Email attachments are a standard method for spreading malware. Caution should be exercised when opening attachments, especially from unknown or untrusted sources.
  • Phishing: Deceptive emails or messages that aim to extract sensitive information are abundant. Legal professionals should scrutinize emails for authenticity and avoid clicking on suspicious links or providing confidential information.
  • Man-in-the-middle attacks: These attacks involve intercepting communication between two parties. Ensuring secure and encrypted communication channels is vital to prevent such interception.
  • Spoofing: This refers to the act of impersonating legitimate entities to gain access to information or networks. Awareness and verification of the authenticity of communication and digital entities are vital in preventing such breaches.
  • Vigilance in digital spaces: Just as one would avoid risky situations in real life, the same prudence should be applied in digital spaces. Avoiding suspicious websites, unsecured networks, and other digital “alleyways” is essential.

Two Fundamental Rules in Cybersecurity: Prioritizing Physical Security and Human Factors

There are two fundamental rules in cybersecurity for reducing the risks of cyber threats and other cybersecurity issues:

Rule 1: Prioritize physical security over cybersecurity.

Even the best cybersecurity measures are ineffective where physical access to devices is compromised. As a primary defense mechanism, it is important to prevent unauthorized access to physical devices. Such prevention involves safeguarding physical devices against theft or physical damage.

Rule 2: Acknowledge the human element.

Humans are often the weakest link in the cybersecurity chain, and tricking someone is usually more feasible than breaching a machine’s defenses. As a complement to reducing physical access to devices, it is vital to focus on educating and training individuals within an organization. Such education and training include fostering a culture of security awareness, ensuring that staff are knowledgeable about common cyber threats like phishing and social engineering, and equipping staff to recognize and respond to cyber threats.

Protecting Your Hardware: Physical and Device Security

In addition to the two fundamental rules above, attorneys may take additional steps to protect their sensitive information and reduce cyber threat risks. One key aspect is the state of encryption on various devices. It is essential for attorneys to recognize that laptops running Windows or Apple’s macOS are not encrypted by default unless the user activates encryption manually. Similarly, Android and iOS phones typically require users to activate encryption manually. This setting contrasts with the setting in Google Chromebooks, which come with encryption enabled as standard. Awareness and appropriate action regarding these encryption standards are crucial.

Another vital component of device security is consistent software maintenance. Regularly updating and patching software is more than just a performance enhancer; it is a critical defense against exploiting known vulnerabilities. These updates often include vital security patches that protect devices and data from emerging cyber threats.

The legal sector, in particular, must be vigilant against the risks of external devices. They can be carriers of malware or facilitate data breaches, which can compromise the confidentiality and integrity of sensitive legal information. Hence, never plugging a random USB device or phone into a computer is not just a precaution—it is a necessity in maintaining stringent cybersecurity protocols.

By adhering to these practices, legal professionals can ensure a higher level of security for their physical devices.

Data Backups: Ensuring Data Integrity and Accessibility

Effective data management and backup strategies are critical for providing a safe environment for data. Regular data backups are a robust defense against potential data loss and ransomware. To do this, legal professionals must be acutely aware of where their data are stored, encompassing physical devices and online cloud backup services.

The safe storage of these backups is equally important. It is imperative that the backups are not only regularly updated but also physically secure and safeguarded from unauthorized access or environmental risks. In environments where devices are shared among multiple entities, understanding and ensuring data segregation are vital to prevent unauthorized access or data mixing.

Policies regarding employee access to stored data must clearly outline who can access specific data and under which circumstances. Should a breach occur, a well-defined response policy, including immediate actions, notification procedures, legal implications, and remediation steps, should be in place.

Furthermore, implementing a disaster recovery and business continuity plan ensures minimal disruption to legal services in the event of significant data loss, safeguarding the firm’s and clients’ interests. Last, protocols concerning data access and exportation must be established and rigorously followed to ensure compliance with legal standards and to maintain client confidentiality.

Good data-safeguarding practices should include the following:

  • Consistent data backups: Regularly backing up data is the first defense against data loss. Having multiple backup copies is essential, including on physical devices and in cloud services.
  • Data storage awareness: Understand where your data are stored. This includes knowledge of physical devices, cloud backup services, and other data repositories.
  • Security of backups: Ensure backups are physically secure and protected from unauthorized access or environmental hazards.
  • Data segregation: In environments where multiple entities use the same device, understand how data are segregated to prevent unauthorized access or data mixing.
  • Access policies: Develop clear policies regarding employee access to stored data, outlining who can access which data and under what circumstances.
  • Third-party access and breach protocols: Create comprehensive policies and procedures for third-party access to data and establish breach notification protocols.
  • Response to breaches: Have a well-defined response policy for data breaches, detailing immediate actions, notification procedures, and remediation steps.
  • Disaster recovery and business continuity: Implement a disaster recovery and business continuity plan to ensure minimal disruption to legal services in the event of a significant data loss.
  • Data access and exportation protocols: Establish protocols concerning access to and exportation of your data, ensuring legal compliance and client confidentiality.

By implementing comprehensive data backup strategies, maintaining vigilant security protocols, and establishing clear policies for data access and breach response, attorneys can significantly enhance the protection and integrity of sensitive information. Ultimately, these practices are not just about safeguarding data; they are about preserving the foundational principles of confidentiality and reliability that are integral to the legal profession.

In the second and third articles in the series, I will discuss password security and practices for effective password management and platform-specific tips for maximizing efficiency and productivity, respectively.
