As cybersecurity threats continue to become more sophisticated, and as more of these threats are directed at lawyers, law firms, and legal professionals, The Cybersecurity & Privacy Law Committee of The Florida Bar has officially created and published a model response plan. The Committee, “in recognition of the constantly evolving and dynamic risks and impacts of cybersecurity incidents, as uniquely if not especially targeting Members of the Florida Bar, seeks to encourage Florida Bar Members to adopt proactive measures aimed at safeguarding their sensitive firm data as well as that of their respective Clients and Third Parties.”
The plan and recommendations are designed to serve as a guide for lawyers throughout the state, providing incident response processes and advice. To view The Cybersecurity & Privacy Law Committee’s recommendations in full, including guidance on developing your own incident response plan, click here.
These recommendations come as more advanced ransomware attacks and data breaches are occurring within the legal community here in Florida. According to IBM, Ransomware is defined as “… a type of malware that holds a victim’s sensitive data or device hostage, threatening to keep it locked—or worse—unless the victim pays a ransom to the attacker.”
Microsoft distinguishes between cyberattacks and data breaches, stating that “Cyberattacks can target any connected device and sensitive data may or may not be exposed, while data breaches exclusively involve the disclosure, alternation (sic), or destruction of sensitive information.”
The model incident response plan provides Florida lawyers with a foundational document that helps to protect both law firms and clients, and makes it possible to minimize damage and recover quickly should a cyberattack or breach occur. For additional information about protecting yourself and your resources from potential attacks, visit the Florida Lawyers Mutual Cyber Security Risk Management Resource Center for Florida Lawyers.
