Presented by: RPost
Course Number: 2710
Course Credits: 1.0 hour of General CLE credit including 1.0 hour of Technology credit

Course Description:

Recent laws enacted in Florida and nationally increase the professional responsibility of attorneys who are the victims of a cyber-attack or data breach of any kind. We will review the reasons why attorneys are legally bound to protect client data and then dive into a discussion of the most common cyber-threats to attorneys and their clients including ransomware, phishing schemes, man-in-the-middle and Business Email Compromise (BEC).

Attorneys can reduce their vulnerabilities by following simple steps to identify the point of entry for hackers and creating policies and procedures to reduce risk. For example, employees often leave devices unattended and unsecured, especially when they are outside of the office. By training employees and creating a culture of accountability, attorneys can reduce the risk of cybercrime significantly. Finally, attorneys should pay special attention to their method of emailing as most data breaches occur through email hacks or viruses and malware sent via email.

What you’ll learn:

    • Why attorneys and small businesses are at risk
      • Increased incidence of cyberattacks
      • Small businesses are the biggest target
    • Professional responsibility of attorneys
      • Cloud Ethics Opinion in Florida
        • Reasonable care standard
        • Specific recommendations to attorneys
      • Florida Model Rules of Professional Conduct
    • Latest cybercrime schemes
      • Ransomware
      • Phishing schemes
        • Use of social media
      • Man in the Middle
      • Business Email Compromise
    • Points of Entry
      • Cloud
      • Email
      • Human Error & Passwords
      • Unattended Devices
      • 3rd Party WIFI
    • What is typically stolen in a data breach
      • PII
      • PCI
      • PHI
      • Financial Information
      • Trade Secrets
    • Examples of recent data breaches impacting attorneys
      • HIPAA Example
      • Real Estate Example
      • General Litigation Example
    • Managing risk of a data breach
      • Basic steps
        • Don’t open attachments or click unknown links
        • Keep your software up to date
        • Don’t email anything of consequence unless it is encrypted
        • Be wary of sharing documents on the web
        • Corporate Policies that hold employees accountable for a breach
        • Employee training
      • Best practices for avoiding mistakes working in the Cloud
        • Cloud, desktop, mobile working together
        • Shared calendars
        • Permissions and control access
        • Disaster Recovery
        • How to store confidential data in the Cloud
      • Key requirements for an email service
        • Open tracking
        • Direct delivery
        • Auditable proof of compliance
        • Digital timestamp
        • Messages can stay encrypted in your inbox
      • Prove data was protected with registered receipts
        • Key requirements
          • Legal Proof
          • Easy for Recipient
          • Secure Reply Functions
        • Encrypt outgoing emails, files and file attachments
          • Large files are encrypted
          • Direct delivery to facilitate compliance
          • Legal proof of what was sent
      • What’s Next?
        • States continue to amend data breach statutes
        • Attorneys will be held to a higher standard and expected to implement cybersecurity practices
        • Clients will require secure communications from their attorneys

rpost-logo