Although only one in seven businesses typically reports a cybersecurity hack to the federal government that should change now that the recent budget/government funding law requires 16 types of businesses to report hacks to the Department of Homeland Security within 72 hours. The types of hacks that must be reported include data breaches and ransomware attacks/payments. Lawyers and law firms already have an ethical obligation under the Rules of Professional Conduct to report breaches, attacks and other cybersecurity incidents to clients whose data may have been impacted.… Read the rest
The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn U.S. governments, elected officials and candidates about cybersecurity threats, particularly invoice-themed phishing emails that could be used to harvest these officials’ login credentials. This threat applies to all governments, local to national, all government employees, all elected officials, and all candidates for elected office. In short, this threat applies to a wide range of people, and it is one to take very seriously.… Read the rest
No matter your politics, most of us aren’t thinking of President Biden when it comes to technology advice. Yet it was the Biden White House offering excellent advice on protecting yourself online. This isn’t fancy geek language, it is the same cybersecurity advice I have given in dozens of programs not only to lawyers and law firms but also to community groups and others.… Read the rest
The FCC has added Kaspersky products to the list of cybersecurity risks. Law firms should alert staff not to use the products on any devices that access their firms’ networks to safeguard client information.
Of course, the last thing you need from your Internet security product is for it to be a threat to your security. Let alone national security. But on Friday, the Federal Communications Commission (FCC) called Kaspersky a national cybersecurity threat by adding Kaspersky, China Mobile, and China Telecom to the list of companies affected by the Secure and Trusted Communications Networks Act of 2019.… Read the rest
In the new COVID world in which the traditional office has been replaced in full or in part by a work from home existence, many of us never think about the issues that arise when we are doing our jobs at the kitchen table.
- What if you get up to answer the phone and trip? Is that a work-related issue under the Workers’ Compensation Law?
The NSA has released a cybersecurity report on how to better secure Voice and Video Over Internet Protocol (VOIP) systems. These systems allows you to make calls using an Internet connection rather than a regular phone line and combine voice, video, and instant messaging.
The report is helpful and provides easy-to-understand guidance on how to protect these communications from vulnerabilities and hackers and limit the risk to data confidentiality.… Read the rest
It is incompetent for a lawyer to believe, let alone say or write that “It is illegal [for a lawyer] to text or email anything of substance.” The statement is also completely wrong, legally and ethically.
Yet one lawyer, an ethics “maven” no loss, who writes a column for a major local legal newspaper, actually wrote those completely inaccurate words as part of his lament that – because of COVID-19 – he can no longer work in the same type of law office common in 1973, when he received his law license, you know, when Richard Nixon was President.… Read the rest
The almost overly stale cliché that it is not good to stick your head in the sand applies to so many topics. But for lawyers, or at least a large number of them, mention technology and they want to scream “na na na na na” and ignore you. But more and more, sticking their heads in the sand won’t help lawyers.… Read the rest
Passwords – we all hate having to deal with them. After all, we’re supposed to have different passwords for every website. Plus, they must be complicated. How in the world can we create all of these passwords and still remember them? Instead, it’s easy to just use ABC123 or Password or some other generic phrase. The problem is that those among us with less than stellar motives can easily hack those passwords and access all of our confidential information.… Read the rest