Key Issues in Cyber Security for Law FirmsA full-day workshop designed to help attendees grasp the key issues affecting law firm cyber security - from risk assessment to program design
8:30AM Registration & Networking Breakfast
9:00AM Introductions/Opening Remarks
9:05AM Threats, Security and Trust
How the escalating threats within the law firm industry, the growing number of breaches and our clients’ demands are changing the way we deal with security and trust.
9:15AM Trends in Cyber Security
Updates on the current threat environment, strategies employed by attackers, and the trends affecting law firms.
10:15AM Morning Networking & Coffee Break
10:30AM Building a Sustainable Cyber Security Program (Part 1)
Overview of the prevalent security frameworks, benefits of the different approaches and how to select a framework for your organization.
11:30AM Building a Sustainable Cyber Security Program (Part 2)
Detailed case study of one firm’s journey from awareness to initial assessment and the plans they developed to address cyber security for the firm. We will also review a sample implementation strategy.
12:30PM Networking Luncheon
1:30PM What is “Cyber Attest”?
We will cover the Cyber Attest approach to build and maintain trust with your clients and how to get the same trust built with your vendors. We will cover the purpose and benefits of SOC (System and Organization Controls) reporting.
2:30PM Cyber Security Audit: Realistic Practices (Part 1)
How do you prepare for client-specific cyber security information requests? How do you prepare for the onsite audits? What is reasonable to expect from you and your team, and from the auditors?
3:30PM Afternoon Networking & Coffee Break
3:45PM Cyber Security Audit: Realistic Practices (Part 2)
We will cover the lifecycle of graduating to a formal audit to break the cycle of continuous auditing and move your firm into an “audit once, comply many” approach. We will start with the readiness review and how to use those results to develop and sustain incremental progress to finally complete the formal audit.
4:30PM Wrap-Up/Closing Remarks
Law firms are being targeted by cyber criminals at an ever-increasing pace. Some of the country’s most prestigious firms have found themselves in the headlines because hackers exploited weaknesses in their information systems.
These instances have caused sensitive client information, provided to these firms under the assumption that it be held in trust, to be exposed and possibly used for illicit purposes. Other security breaches that have made the news have caused significant business interruption. Law firm clients have responded by subjecting their legal providers with swarms of checklists, revised engagement letter terms, disclaimers and on-site visits by their own auditing and security professionals.
In today’s environment, it is evident that validating a law firm’s information security systems is becoming a requirement prior to obtaining and for retaining a client. The constant threats related to law firms’ information security are real and the marketplace has responded in various and unpredictable ways to verify information will be safe when in the hands of legal professionals.
Ark Group’s Key Issues in Cyber Security for Law Firms is a full-day workshop designed to give law firm leaders the necessary tools to:
- Understand the key issues affecting law firm cyber security
- Perform an information technology risk assessment for their firm
- Design a cyber security program for their law firm
- Streamline a cyber security audit imposed by the clients of law firms
- “Pull back the curtain” on what it really means to undergo a cyber attest project
The instructors for this workshop are professionals that have deep experience in providing information technology security services to law firms in addition to other organizations that place a premium on the security of sensitive information. The instructors’ backgrounds include a professional that has served in a leadership role on a national standards-setting organization as well as a professional that has provided security work for the Air Force, NSA and Pentagon.