HCBA Lawyer Magazine No. 36, Issue 6 | Page 58

lawyeRs & lawFiRms: siTTingduCksFoRCyBeRCRiminals
Technology Section Co-Chairs: ­Kurt­Sanger­ – Buchanan­Ingersoll­ & ­Rooney­ & ­Caroline­Spradlin­ – Phelps­Dunbar
Commonmisconception: small & mid-sizefirmsaren’ t cybercriminals’ targets. Reality: firmsofallsizesare primeopportunities.
The legal profession is significantly underperforming when it comes to cybersecurity. Despite years of warnings and increasing awareness of digital threats, too many law firms find themselves turning to cyber incident attorneys only after a crisis has struck— whether it’ s ransomware locking down their systems, email compromises exposing sensitive client information, or other catastrophic IT failures. While every lawyer handles highly sensitive information— private client data, confidential communications, valuable business secrets— most remain dangerously unprepared for the rising frequency and sophistication of cyber threats targeting legal practices. This root causes of this unreadiness are clear: complacency, misconceptions about the threat landscape, and a reluctance to prioritize cybersecurity investments. When a law firm experiences a cybersecurity incident, the impact is immediate and often devastating. Routine activities can come to a complete standstill as systems go offline for days or weeks. Attorneys are unable to access files or communicate by phone or email, and firm leadership shifts focus from legal work to crisis management. The effects damage productivity and erode trust, as clients become anxious and
question the firm’ s ability to protect their information.
A common misconception persists that small and mid-sized firms are not attractive targets for cybercriminals. In reality, cybercriminals see law firms of all sizes as prime opportunities because of the valuable data they hold. An attorney facing the threat of exposed confidential client information, settlement strategies, and legal secrets can easily be persuaded to pay a ransom.
During a ransomware incident, firms face chaos. Systems are encrypted or compromised without warning, and a firm’ s ability to make filings, meet deadlines, complete deliverables, or even contact clients is severely disrupted. The response often involves forensic investigation, a complete audit of a firm’ s digital information, negotiating with dishonorable( but, oddly, sometimes reliable) negotiation partners, and a complete overhaul of security protocols— all while trying to keep client confidentiality intact, meet legal obligations, and keep the firm afloat. The aftermath can include legal liabilities, regulatory scrutiny, state bar inquiry, and long-term reputational damage.
Despite these clear risks, many firms neglect fundamental protections. They fail to understand the evolving threat landscape or to implement basic safeguards. Instead, they often rely on low-cost providers lacking the expertise to defend against sophisticated cybercriminals or to expel intruders once inside. This shortsighted approach leaves critical vulnerabilities unaddressed, increasing the likelihood of a devastating if not existential breach.
Cyber threats constantly evolve. Many organizations, including law firms, are now out of business because they failed to take these threats seriously. Action is necessary— not just to try to prevent attacks, but to prepare for an effective response when incidents occur. Protecting client data, maintaining operational continuity, and safeguarding a firm’ s reputation requires a proactive approach to cybersecurity. Attorneys who reasonably demonstrate that they recognize the threat, invest to protect against and respond to attacks, and show that they genuinely care about these issues set themselves above and apart from all attorneys who do not take these steps. n
Authors: Jillian Cash & Kurt Sanger – Buchanan Ingersoll and Rooney PC
5 6 J U LY- A U G 2 0 2 6 | H C B A L A W Y E R