SlideShare una empresa de Scribd logo

Lawyers' Ethical Obligations for Cybersecurity

Shawn Tuma
Shawn Tuma

This Cybersecurity Law Update was presented to the 2019 Collin County Bench Bar Conference #CCBB2019 on May 17, 2019, by Shawn Tuma.

Derecho
1 de 12
Descargar para leer sin conexión
Spencer Fane LLP | spencerfane.com Lawyers’ Ethical Obligations for Cybersecurity Collin County Bench Bar Conference 2019 Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP | @spencerfane spencerfane.com | @shawnetuma
But first, join us on Social Media!
Spencer Fane LLP | spencerfane.com The Problem for Lawyers • Prefer to ignore but obligated to address • Impact all lawyers and law firms alike • Clients demanding adequate security • Law firms are an increasingly popular target – Value and sensitivity of data – Data for multiple clients
Spencer Fane LLP | spencerfane.com
Spencer Fane LLP | spencerfane.com
Spencer Fane LLP | spencerfane.com The Ethics for Lawyers “A lawyer should preserve the confidences and secrets of a client.” • Ethics Opinion 384 (Sept. 1975) • Canon No. 4, Code of Professional Responsibility • Disciplinary Rule (DR) 4-101 (A) and (B) • New duty of “technical competence” for lawyers
Spencer Fane LLP | spencerfane.com Can you hear me now? • ABA Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach of Cyberattack • October 17, 2018
Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach or Cyberattack – Proactive obligations – “data breach” ≠ “data breach” • “data breach” – “a data event where material client confidential information is misappropriated, destroyed or otherwise compromised, or where a lawyer’s ability to perform the legal services for which the lawyer is hired is significantly impaired by the episode.” • Ransomware? • Service provider network outage, even if no access or exfiltraton?
Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Focus is on the overall process of protecting information, not the result. • Requires lawyers to: 1. Be competent by keeping abreast of the benefits and risks associated with relevant technology; 2. Have reasonable cybersecurity safeguards in place; 3. Follow appropriate data destruction procedures; 4. Actively monitor for breaches of client information; 5. Address third-party risk; 6. Investigate, respond to, and mitigate incidents; 7. Develop and implement an incident response plan; and 8. Notify clients in an appropriate manner when there has been a “data breach.”
Spencer Fane LLP | spencerfane.com Cybersecurity Best Practices • Risk assessment • Policies and procedures focused on cybersecurity – Culture – Social engineering, password, security questions • Train workforce on P&P, security • Phish all workforce • Multi-factor authentication • Internal controls / access controls to restrict unnecessary data risk • Data retention policy • Signature based antivirus and malware detection • No outdated or unsupported software • Patch management process • Backups segmented offline, cloud, redundant • Incident response plan • Encrypt sensitive and air-gap hypersensitive data • Adequate logging and retention • Third-party security risk management program • Firewall, intrusion detection and prevention systems • Managed services provider (MSP) or managed security services provider (MSSP) • Cyber risk insurance
Spencer Fane LLP | spencerfane.com #CCBB19
Spencer Fane LLP | spencerfane.com Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP 972.324.0317 stuma@spencerfane.com • Board, Southern Methodist University Cyber Advisory • Board of Advisors, North Texas Cyber Forensics Lab • Policy Council, National Technology Security Coalition • Practitioner Editor, Bloomberg BNA – Texas Cybersecurity & Data Privacy Law • Board of Directors & General Counsel, Cyber Future Foundation • Cybersecurity & Data Privacy Law Trailblazers, National Law Journal (2016) • SuperLawyers Top 100 Lawyers in Dallas (2016) • SuperLawyers 2015-19 • Best Lawyers in Dallas 2014-19, D Magazine (Cybersecurity Law) • Council, Computer & Technology Section, State Bar of Texas • Privacy and Data Security Committee of the State Bar of Texas • College of the State Bar of Texas • Board of Directors, Collin County Bench Bar Conference • Past Chair, Civil Litigation & Appellate Section, Collin County Bar Association • Information Security Committee of the Section on Science & Technology Committee of the American Bar Association • North Texas Crime Commission, Cybercrime Committee & Infragard (FBI) • International Association of Privacy Professionals

Recomendados

The Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachThe Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsShawn Tuma
 
The Dark Side of Digital Engagement
The Dark Side of Digital EngagementThe Dark Side of Digital Engagement
The Dark Side of Digital EngagementShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 

Recomendados

The Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachThe Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsShawn Tuma
 
The Dark Side of Digital Engagement
The Dark Side of Digital EngagementThe Dark Side of Digital Engagement
The Dark Side of Digital EngagementShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
Recovering from a Cyber Attack
Recovering from a Cyber AttackRecovering from a Cyber Attack
Recovering from a Cyber AttackShawn Tuma
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)Shawn Tuma
 
Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: FortinetJisc
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Shawn Tuma
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsJoshua Berman
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...North Texas Chapter of the ISSA
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
 
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Shawn Tuma
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowSandra Fathi
 
SME Cyber Insurance
SME Cyber Insurance SME Cyber Insurance
SME Cyber Insurance Netpluz Asia Pte Ltd
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Shawn Tuma
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial InstitutionsKhawar Nehal khawar.nehal@atrc.net.pk
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Shawn Tuma
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 

Más contenido relacionado

La actualidad más candente

Recovering from a Cyber Attack
Recovering from a Cyber AttackRecovering from a Cyber Attack
Recovering from a Cyber AttackShawn Tuma
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)Shawn Tuma
 
Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: FortinetJisc
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Shawn Tuma
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsJoshua Berman
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...North Texas Chapter of the ISSA
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
 
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Shawn Tuma
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowSandra Fathi
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Shawn Tuma
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 

La actualidad más candente (20)

Recovering from a Cyber Attack
Recovering from a Cyber AttackRecovering from a Cyber Attack
Recovering from a Cyber Attack
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech Talk
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
 
Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: Fortinet
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall Logs
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7
 
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to Know
 
SME Cyber Insurance
SME Cyber Insurance SME Cyber Insurance
SME Cyber Insurance
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial Institutions
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the Retaliation
 

Similar a Lawyers' Ethical Obligations for Cybersecurity

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Shawn Tuma
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Riskduffeeandeitzen
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramFinancial Poise
 
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...Financial Poise
 
Cybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to KnowCybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to KnowShawn Tuma
 
Kaseya Kaspersky Breaches
Kaseya Kaspersky BreachesKaseya Kaspersky Breaches
Kaseya Kaspersky BreachesKaseya
 
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Winston & Strawn LLP
 
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...Shawn Tuma
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataStephen Cobb
 
Don't let them take a byte
Don't let them take a byteDon't let them take a byte
Don't let them take a bytelgcdcpas
 
2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy Considerations2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy ConsiderationsNathan Anderson
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information PrivacyPerry Slack
 
Cyber Security - ASGFOA
Cyber Security - ASGFOACyber Security - ASGFOA
Cyber Security - ASGFOAPeter Henley
 

Similar a Lawyers' Ethical Obligations for Cybersecurity (20)

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
 
Privacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid ContextPrivacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid Context
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
 
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
 
Cybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to KnowCybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to Know
 
Kaseya Kaspersky Breaches
Kaseya Kaspersky BreachesKaseya Kaspersky Breaches
Kaseya Kaspersky Breaches
 
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
 
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient Data
 
Don't let them take a byte
Don't let them take a byteDon't let them take a byte
Don't let them take a byte
 
SNW Fall 2009
SNW Fall 2009SNW Fall 2009
SNW Fall 2009
 
2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy Considerations2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy Considerations
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information Privacy
 
Cyber Security - ASGFOA
Cyber Security - ASGFOACyber Security - ASGFOA
Cyber Security - ASGFOA
 

Más de Shawn Tuma

Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackIncident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackShawn Tuma
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Shawn Tuma
 
Cyber Hygiene Checklist
Cyber Hygiene ChecklistCyber Hygiene Checklist
Cyber Hygiene ChecklistShawn Tuma
 
Cyber Incident Response Checklist
Cyber Incident Response ChecklistCyber Incident Response Checklist
Cyber Incident Response ChecklistShawn Tuma
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Shawn Tuma
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Shawn Tuma
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500Shawn Tuma
 
Cybersecurity Update
Cybersecurity UpdateCybersecurity Update
Cybersecurity UpdateShawn Tuma
 
Effective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesEffective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesShawn Tuma
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!Shawn Tuma
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...Shawn Tuma
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackCybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackShawn Tuma
 
Contracting for Better Cybersecurity
Contracting for Better CybersecurityContracting for Better Cybersecurity
Contracting for Better CybersecurityShawn Tuma
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory RealmShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsShawn Tuma
 
The Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry ExpertsThe Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry ExpertsShawn Tuma
 

Más de Shawn Tuma (19)

Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackIncident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
 
Cyber Hygiene Checklist
Cyber Hygiene ChecklistCyber Hygiene Checklist
Cyber Hygiene Checklist
 
Cyber Incident Response Checklist
Cyber Incident Response ChecklistCyber Incident Response Checklist
Cyber Incident Response Checklist
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid Them
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
 
Cybersecurity Update
Cybersecurity UpdateCybersecurity Update
Cybersecurity Update
 
Effective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesEffective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businesses
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should Include
 
"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackCybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber Attack
 
Contracting for Better Cybersecurity
Contracting for Better CybersecurityContracting for Better Cybersecurity
Contracting for Better Cybersecurity
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal Professionals
 
The Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry ExpertsThe Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry Experts
 

Último

一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理Fir La
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...Finlaw Associates
 
一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理Airst S
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
Code_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptCode_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptJosephCanama
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理Airst S
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理bd2c5966a56d
 
Hely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd .pdfHely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd .pdfBritto Valan
 
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSSASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSSCssSpamx
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteDeepikaK245113
 
一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理Airst S
 
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书F La
 
Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Abdul-Hakim Shabazz
 
3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.pptseri bangash
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategyJong Hyuk Choi
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理F La
 
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxAnalysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxadvabhayjha2627
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in LawNilendra Kumar
 
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理Airst S
 
Career As Legal Reporters for Law Students
Career As Legal Reporters for Law StudentsCareer As Legal Reporters for Law Students
Career As Legal Reporters for Law StudentsNilendra Kumar
 

Último (20)

一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
一比一原版(IC毕业证书)帝国理工学院毕业证如何办理
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
 
一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理一比一原版悉尼大学毕业证如何办理
一比一原版悉尼大学毕业证如何办理
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Code_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptCode_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.ppt
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
 
Hely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd .pdfHely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd .pdf
 
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSSASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
 
The doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statuteThe doctrine of harmonious construction under Interpretation of statute
The doctrine of harmonious construction under Interpretation of statute
 
一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理一比一原版曼彻斯特城市大学毕业证如何办理
一比一原版曼彻斯特城市大学毕业证如何办理
 
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
一比一原版(Essex毕业证书)埃塞克斯大学毕业证学位证书
 
Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?
 
3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
 
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptxAnalysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
Analysis of R V Kelkar's Criminal Procedure Code ppt- chapter 1 .pptx
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in Law
 
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
 
Career As Legal Reporters for Law Students
Career As Legal Reporters for Law StudentsCareer As Legal Reporters for Law Students
Career As Legal Reporters for Law Students
 

Lawyers' Ethical Obligations for Cybersecurity

  • 1. Spencer Fane LLP | spencerfane.com Lawyers’ Ethical Obligations for Cybersecurity Collin County Bench Bar Conference 2019 Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP | @spencerfane spencerfane.com | @shawnetuma
  • 2. But first, join us on Social Media!
  • 3. Spencer Fane LLP | spencerfane.com The Problem for Lawyers • Prefer to ignore but obligated to address • Impact all lawyers and law firms alike • Clients demanding adequate security • Law firms are an increasingly popular target – Value and sensitivity of data – Data for multiple clients
  • 4. Spencer Fane LLP | spencerfane.com
  • 5. Spencer Fane LLP | spencerfane.com
  • 6. Spencer Fane LLP | spencerfane.com The Ethics for Lawyers “A lawyer should preserve the confidences and secrets of a client.” • Ethics Opinion 384 (Sept. 1975) • Canon No. 4, Code of Professional Responsibility • Disciplinary Rule (DR) 4-101 (A) and (B) • New duty of “technical competence” for lawyers
  • 7. Spencer Fane LLP | spencerfane.com Can you hear me now? • ABA Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach of Cyberattack • October 17, 2018
  • 8. Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach or Cyberattack – Proactive obligations – “data breach” ≠ “data breach” • “data breach” – “a data event where material client confidential information is misappropriated, destroyed or otherwise compromised, or where a lawyer’s ability to perform the legal services for which the lawyer is hired is significantly impaired by the episode.” • Ransomware? • Service provider network outage, even if no access or exfiltraton?
  • 9. Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Focus is on the overall process of protecting information, not the result. • Requires lawyers to: 1. Be competent by keeping abreast of the benefits and risks associated with relevant technology; 2. Have reasonable cybersecurity safeguards in place; 3. Follow appropriate data destruction procedures; 4. Actively monitor for breaches of client information; 5. Address third-party risk; 6. Investigate, respond to, and mitigate incidents; 7. Develop and implement an incident response plan; and 8. Notify clients in an appropriate manner when there has been a “data breach.”
  • 10. Spencer Fane LLP | spencerfane.com Cybersecurity Best Practices • Risk assessment • Policies and procedures focused on cybersecurity – Culture – Social engineering, password, security questions • Train workforce on P&P, security • Phish all workforce • Multi-factor authentication • Internal controls / access controls to restrict unnecessary data risk • Data retention policy • Signature based antivirus and malware detection • No outdated or unsupported software • Patch management process • Backups segmented offline, cloud, redundant • Incident response plan • Encrypt sensitive and air-gap hypersensitive data • Adequate logging and retention • Third-party security risk management program • Firewall, intrusion detection and prevention systems • Managed services provider (MSP) or managed security services provider (MSSP) • Cyber risk insurance
  • 11. Spencer Fane LLP | spencerfane.com #CCBB19
  • 12. Spencer Fane LLP | spencerfane.com Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP 972.324.0317 stuma@spencerfane.com • Board, Southern Methodist University Cyber Advisory • Board of Advisors, North Texas Cyber Forensics Lab • Policy Council, National Technology Security Coalition • Practitioner Editor, Bloomberg BNA – Texas Cybersecurity & Data Privacy Law • Board of Directors & General Counsel, Cyber Future Foundation • Cybersecurity & Data Privacy Law Trailblazers, National Law Journal (2016) • SuperLawyers Top 100 Lawyers in Dallas (2016) • SuperLawyers 2015-19 • Best Lawyers in Dallas 2014-19, D Magazine (Cybersecurity Law) • Council, Computer & Technology Section, State Bar of Texas • Privacy and Data Security Committee of the State Bar of Texas • College of the State Bar of Texas • Board of Directors, Collin County Bench Bar Conference • Past Chair, Civil Litigation & Appellate Section, Collin County Bar Association • Information Security Committee of the Section on Science & Technology Committee of the American Bar Association • North Texas Crime Commission, Cybercrime Committee & Infragard (FBI) • International Association of Privacy Professionals