Cybersecurity: Every GC's Responsibility

Firms must accept they will have to change their client's most critical asset is electronic, and its a lawyer's duty to protect while its in the law firm's network.  Take steps now to protect your law firm's network:

• Limit administrator access on all PCs. Its convenient for everyone in the firm to be able to download apps and update software on workstations.  
• Require responsible password habits.  These include randowm secure password generators or unique passwords that change frequently.
• Go partially offline.  If there is a way to segregate extremely sensitive data on a network that does not have Internet access, the firm should do so.
• Don't blindly trust that a website will take responsible precautions.  While firms have been hacked, the public has not seen the kind of embarrassing data breach at a firm that causes real economic and lasting reputation damage.  But like it or not that incident is coming.

Firms that are serious about client service need to ditch the cavalier attitude about computer network security and button up their network security and button up their network to protect against the very real threat of hacking.  A GC's due diligence should include hard questions about whether  outside counsel are ahead or behind the curve.

Erin Nealy Cox is an executive managing director and firmwide cybercrime practice leader at Stroz Friedberg in Dallas.