Matthew Ferrante, a partner at Withum who leads the firm’s cyber and information security service, delivered the keynote address, using his experience as an electronic crimes special agent with the U.S. Secret Service to drive home the message about the importance of physically securing electronic devices to protect data.
In terms of global cybersecurity, the United States is lagging behind other major countries, according to Ferrante. “Despite having some of the best security in the world, we are [overwhelmed] by highly sophisticated hackers,” Ferrante said, adding that wearable tech, vehicles with USB ports, printers, and USB flash drives as easy gateways for hackers to either steal vital information or to infect with ransomware (malware designed to hold critical electronic information hostage until ransom is paid).
It's not just about losing your data. It's the confidentiality of it, it's the integrity of it, and it's the assurance that the data is available. Fake security is the path to the dark side. Matthew Ferrante Partner, Withum Cyber
In the afternoon seminar “Making Sense of the Cybersecurity Landscape,” Ferrante and Anand Raj Shah, a privacy and data security associated with Manatt, Phelps &Phillips, LLP, explained the main reasons why law firms are easy targets for cyberattacks. These include the economic gain for hackers, high quality and quantity of documents, the selectivity of law firm data, and the fact that most law firms have notoriously weak security systems.
Ferrante and Shah reported that the United States is the top target for cyberattacks, costing the country $6 trillion by 2021. A ransomware attack occurs every 14 seconds, and by 2021, one will happen every 11 seconds, they said.
“The cybersecurity market by 2024 will be $300 billon,” Ferrante said. Ferrante offered several suggestions for law firms to prevent data breaches, including strengthening their physical environments that house electronic data, not letting their IT department choose which third-party firm will audit their data environment security assessment, and purchasing cybersecurity insurance.
Ferrante also encouraged law firms to be mindful of disgruntled employees, because sometimes cyberattacks can come from within the organization.
Other highlights of the institute include the seminar “Getting to Know Digital Currency and Blockchain Technology,” presented by Chris DeMayo, partner at Withum, and Tracy D. Drynan, senior staff attorney at Cleary Gottlieb Steen & Hamilton LLP. DeMayo explained the history of Bitcoin, the volatility of the currency’s market, and major considerations to protect one’s cryptocurrency wallet.
DeMayo and Drynan also spoke about the 2017–2018 surge in Bitcoin that pushed digital currencies into the public lexicon and shared more about its uses and the ethical issues surrounding clients and digital currencies.
In “What Attorneys Should Know About SOC 2 Audits and How They Have Quickly Become the Standard for Technology Companies,” Withum’s Tony Chapman explored digital security audits, particularly what attorneys should know when it comes to practice management and representing clients.
Authors: Jeffery Leon and John Murph, Reposted from the DC Bar