Evidence Solutions, Inc., (ESI) is a premier forensics company founded in 1982.

ESI Provides Elite Experts in:

Digital and Electronic Evidence, Computer Forensics, Cell Phone Forensics
Trucking, Truck Accident Investigation and Trucking Regulations, Truck Safety Consulting, Heavy Vehicles & Hazardous Materials
Sports and Fitness, Fitness Facility Standard of Care
Real Estate & Land, Real Estate Syndication
Bankruptcy and Corporate Governance
Accident Reconstruction & Product Failure Analysis!

Call Us For A Free Consultation! 866-795-7166


Cyber Forensics Expert Witness:
"Law Firms Must Step Up Cybersecurity!"

Electronic Evidence / Cyber Forensics Experts Articles

A recent article in the New York Times underscores the demand clients are requiring of their law firms to step up their cybersecurity. Financial institutions, including some Wall Street banks, are asking their outside counselors to answer questionnaires of up to 60 pages, which probe the firm’s cyber security measures. Other types of corporations are also asking their legal firms to allow for internal and/or external Information Technology (IT) firms to do an audit.Data Privacy Word CloudClearly these institutions are interested in keeping their own secrets and confidential client information safe from the growing threat of Black Hat Hackers. These secrets and confidential information could be used by hackers for their own financial gain or even shared with other organizations.

The corporate auditors want to know if steps are being taken to guard against the potential compromise of sensitive information. This includes: protecting against online intrusions, requiring corporate email encryption, elimination of data walking around on thumb drives, prevention of sending email or documents to unsecure iPads and other mobile devices, and more.

If these companies do not feel that a law firm is taking the appropriate precautions, it would follow, legal work may be withheld from firms which are either unprepared or uninterested in stepping up their cyber security. In addition, firms may be required to purchase Cybersecurity insurance in addition to their already existing Errors and Omissions (E&O) or legal malpractice policies.

Research by FireEye, a cybersecurity firm, estimates that 95% of all organizations are vulnerable to attacks. In its report titled: “Law Firm’s Survey 2013 – Executive Summary” FireEye says, “Information Security is a key area of focus across all law firms, but over one-quarter of respondees to our survey have yet to carry out a security risk assessment covering both Information Security and Physical Security.”

Law enforcement is concerned as well about the vulnerability of American law firms to online attacks. The FBI recognizes that law firms are a rich repository of corporate secrets, business strategies and intellectual property. These secrets, once discovered, could be used by potential hackers to manipulate a transaction or to financially gain from a deal before it is announced.

According to reports, the FBI began to meet with the managing partners of top law firms in the United States as early as 2011. The meetings stressed the need for cyber security in such large firms. They especially expressed concern for law firms with offices in foreign countries like China and Russia.

The push from corporate clients may just be the catalyst which causes law firms to tighten up their security. It is one thing if law enforcement encourages you to take cybersecurity seriously, it is another if a corporate client indicates that failure to do so will affect your bottom line. Encouragement can also come in the form of an example. One such example is Target’s breach at the end of 2013, when the retailer says that at least 40 million credit and debit card accounts were compromised.

Pressure from the Security and Exchange Commission (SEC) appears to pushing the financial institutions into tightening their security, which in turn is pushing the law firms. SEC financial regulators are requiring banks to make sure the vendors they rely on, such as law firms and other service providers, are vigilant when it comes to dealing with cybersecurity.

“The public and private sectors must be riveted in lock step in addressing these threats,” Mary Jo White, the Chairwoman of the SEC. She made this comment at a round-table discussion, held in late March 2014, on the obligations of public companies to disclose online attacks.

It is likely that some law firms, like most organizations, have been hacked and don’t know it. It is not unusual for organizations which have had an intrusion to be completely unaware for months or years.


By Scott Greene

Evidence Solutions, Inc.

Complex Electronic Evidence in PLAIN English.

Call us today with your Digital Evidence Questions: 866-795-7166 or This email address is being protected from spambots. You need JavaScript enabled to view it.

Related Articles:

Alert! Stop using Microsoft’s Internet Explorer RIGHT NOW!

Healthcare Industry is Vulnerable to Cyber Attacks

Almost all States have a Data Breach Law - 2014

Electronic Frontier Foundation 2014 “Who has your back”

Law Firm's Trust Account Hacked! Six Figures Taken!!!


Like Our Electronic Evidence Expert Witnesses on Facebook

Follow Our Digital Evidence Division on LinkedIn

Circle Evidence Solutions' Digital Experts on Google+

Google+ Author

Google+ Publisher