Think Before You Hit “Send”
By Mark Murphey Henry and Jessica Guarino
I Mark Murphey Henry lives and works in Northwest Arkansas and is with the Rose Law Firm. Mark is a registered patent attorney and earned a Master of Laws (LL.M.) in agricultural law. He works in complex federal litigation and also with university institutions and companies to protect intellectual properties.
Jessica Guarino is a 3L at the University of Arkansas School of Law in Fayetteville, Arkansas.
22
The Arkansas Lawyer
www.arkbar.com
n a world where cybersecurity breaches are discussed in terms of “when” rather than “if,”1 the legal profession has recognized the need for attorneys to make greater efforts to protect client information. Not only have data breaches in law firms substantially increased, but the FBI has warned that hackers specifically target law firms due to the highly sensitive information stored and exchanged through often insecure methods.2 In light of the Trump Administration’s repeal of FCC privacy rules preventing internet service providers from gathering and selling consumer’s internet usage data,3 it is imperative that attorneys adopt heightened cybersecurity measures in their firms to ensure the confidentiality of their clients’ information. Risks of Inadequate Cybersecurity Massive data breaches have increased in frequency and size with some studies claiming that reported data breaches “[have] increased by 75 per cent over the past two years.”4 IBM indicated that in 2018, “the global average cost of a data breach is up 6.4 percent over the previous year to $3.86 million. The average cost for each lost or stolen record containing sensitive and confidential information also increased by 4.8 percent year over year to $148.”5 Recent breaches of major companies such as Facebook’s in its Cambridge Analytica Scandal6 and Equifax7 demonstrate that no one is wholly immune from data breaches and all must make greater efforts to secure the information they handle. Data breaches among large law firms over recent years exhibit the devastating impact hackers can create: from DLA Piper’s breach in 2017 that temporarily “shut down [its] digital operations around the world” to the theft of more than 2.6 TB of data and 11.5 million “sensitive records”