SALES: 978-367-3655 SUPPORT: 978-250-8355 [email protected]

Contributed by Charlie Magliato, Biscom

I had the opportunity to participate last week in the LegalSEC Summit held in Chicago.  LegalSEC is an initiative sponsored by the Server Operations and Security Peer Group of the International legal Technology Association to deliver a set of best practices and a framework that law firms can adapt to build or enhance their information assurance/security programs.  LegalSEC’s Legal Information Security Council’s mission is to enhance the delivery of secure services to clients by raising and maintaining security awareness and by providing an asset protection framework for law firms.

There are five primary objectives:

1. Analyze and Adapt Current Standards
2. Deliver a Set of Policies and Procedures Templates
3. Recommend Technical Controls, a Defense-in-Depth Approach
4. Provide a Security Awareness Program Template
5. Create an Information-Sharing Group

Over 100 Sr. IT management and staff tasked with managing firm security programs came together to attend and participate in sessions and workshops designed to heighten awareness of the growing threat of cybercrime  targeting law firms and share best practices for improving security best practices.  Sessions included BYOD mobile device management and security, dealing with client security audits, understanding the security risks and specific steps to improve a firm’s security postures.

Beyond the important best practices and practical information security strategies and technologies that were shared at these sessions what was particularly eye opening was the dramatically expanding magnitude and breadth of the cybercrime threats to law firms and to government and industry in general.

With much of my focus these days on data breach threats associated with law firm ad-hoc data exchange I thought I had a pretty good grasp of the scope of the cyber-crime threats facing the legal community.  However the keynote address by FBI Special Agent Eric Brelsford cast this threat in a whole new light for me.  Agent Brelsford is currently assigned to the FBI Chicago field office’s criminal computer intrusion squad and is responsible for investigating cyber security threats and data breaches. 

Here are some of the highlights of Agent Brelsford’s presentation:

  • Cybercrimes are committed by four primary groups: state sponsored organizations, organized crime, hacktivists (individuals and groups that commit cyber-crimes to advance political agenda), and individuals involved for monetary gain.

  • The primary state sponsors include Russia, Eastern Europe and China.

  • According to a recent Mandiant report hundreds of terabytes of data have been stolen in recent years with the focus on stealing intellectual property and classified government information.

  • Phishing emails are one of the most successful approaches for breaching corporate data and are typically uses to inject malware that siphons targeted data.  Often the malware will go undetected for long periods of time.

  • The cybercrime industry is growing in sophistication with the criminal enterprises becoming more specialized in nature.  There is a growing trend for organizations to specialize in developing and selling malware to cyber criminals.  And malware is becoming a commodity, selling for $100 to a few thousand dollars per malware program.  The malware developers can be as large as several hundred employees, providing traditional support services to the bad guys, including help desk support.

  • Law firms are being increasingly targeted by the cyber criminals, since a law firm breach can net confidential data of hundreds of corporations and individuals. 

  • Mobile devices are the new targets for cybercrime since increasing amounts of confidential data is being downloaded.  Android devices tend to the most vulnerable

Recommendations and best practices for improving security:

  • Conduct user awareness training

  • Develop an instant response plan in the event of a breach

  • Perform penetration testing

  • Have resources identified ahead of time that will take the lead in taking action and reporting on data breaches

  • Implement controls to prevent unauthorized transfer of firm data to outside parties

  • Limit access to firm data by non-work related computers and devices

  • In the event of a data breach contact law enforcement immediately.

For more information, please visit us online:

ILTA LegalSEC Biscom