- AutorIn
- David O'Donovan
- Alexandra Marshakova
- Titel
- Overcoming the security quagmire
- Untertitel
- behavioural science and modern technology hold the key to solving the complex issue of law firm cyber security
- Zitierfähige Url:
- https://nbn-resolving.org/urn:nbn:de:bsz:15-qucosa2-212160
- Quellenangabe
- Compliance Elliance Journal - 4 (2018),1, Legal tech
Erscheinungsjahr: 2018
Jahrgang: 4
Heft: 1
Seiten: 27-58 - Erstveröffentlichung
- 2018
- Abstract (EN)
- While all industries that handle valuable data have been subject to increasing levels of cyber attack, there is a set of inter-related factors in the law firm cyber security ecosystem that makes such firms more susceptible to attack and also serves to prevent them from taking action to counteract attack vulnerability. As a result of the inter-related external and internal factors affecting law firm cyber security, the human element of firm security infrastructure has been neglected, thereby making humans, at once law firms’ greatest asset, their main cyber security weakness. 1There has been some movement of late, and regulators and clients alike are right to demand law firms do more to improve their cyber security posture.2 However, much of the scrutiny to which their conduct has been subjected has tended to overlook the complexities of the law firm cyber security quagmire, and unless these issues are addressed in the context of a potential solution, meaningful change is not While all industries that handle valuable data have been subject to increasing levels of cyber attack, there is a set of inter-related factors in the law firm cyber security ecosystem that makes such firms more susceptible to attack and also serves to prevent them from taking action to counteract attack vulnerability. As a result of the inter-related external and internal factors affecting law firm cyber security, the human element of firm security infrastructure has been neglected, thereby making humans, at once law firms’ greatest asset, their main cyber security weakness. 1There has been some movement of late, and regulators and clients alike are right to demand law firms do more to improve their cyber security posture.2 However, much of the scrutiny to which their conduct has been subjected has tended to overlook the complexities of the law firm cyber security quagmire, and unless these issues are addressed in the context of a potential solution, meaningful change is not While all industries that handle valuable data have been subject to increasing levels of cyber attack, there is a set of inter-related factors in the law firm cyber security ecosystem that makes such firms more susceptible to attack and also serves to prevent them from taking action to counteract attack vulnerability. As a result of the inter-related external and internal factors affecting law firm cyber security, the human element of firm security infrastructure has been neglected, thereby making humans, at once law firms’ greatest asset, their main cyber security weakness. 1There has been some movement of late, and regulators and clients alike are right to demand law firms do more to improve their cyber security posture.2 However, much of the scrutiny to which their conduct has been subjected has tended to overlook the complexities of the law firm cyber security quagmire, and unless these issues are addressed in the context of a potential solution, meaningful change is not likely. Part 1 of this paper outlines the current threat landscape and details the integral role of human error in successful cyber breaches before turning to discuss recent cyber security incidents involving law firms. In Part 2, we analyse elements of law firm short-termism and the underregulation of law firm cyber security conduct and how these, when combined, play a key role in shaping law firm cyber security posture. Finally, in Part 3 we outline a realistic solution, incorporating principles from behavioural science and modern technological developments.
- Freie Schlagwörter (DE)
- Legal Technology, legal tech, Compliance, Software, Jurist
- Freie Schlagwörter (EN)
- Legal technology, legal tech, compliance
- Klassifikation (DDC)
- 343
- Publizierende Institution
- Universität Leipzig, Leipzig
- University of Miami, Miami
- Version / Begutachtungsstatus
- angenommene Version / Postprint / Autorenversion
- URN Qucosa
- urn:nbn:de:bsz:15-qucosa2-212160
- Veröffentlichungsdatum Qucosa
- 14.05.2018
- Dokumenttyp
- Artikel
- Sprache des Dokumentes
- Englisch