SlideShare uma empresa Scribd logo

Lawyers' Ethical Obligations for Cybersecurity

Shawn Tuma
Shawn Tuma

This Cybersecurity Law Update was presented to the 2019 Collin County Bench Bar Conference #CCBB2019 on May 17, 2019, by Shawn Tuma.

Direito
1 de 12
Baixar para ler offline
Spencer Fane LLP | spencerfane.com Lawyers’ Ethical Obligations for Cybersecurity Collin County Bench Bar Conference 2019 Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP | @spencerfane spencerfane.com | @shawnetuma
But first, join us on Social Media!
Spencer Fane LLP | spencerfane.com The Problem for Lawyers • Prefer to ignore but obligated to address • Impact all lawyers and law firms alike • Clients demanding adequate security • Law firms are an increasingly popular target – Value and sensitivity of data – Data for multiple clients
Spencer Fane LLP | spencerfane.com
Spencer Fane LLP | spencerfane.com
Spencer Fane LLP | spencerfane.com The Ethics for Lawyers “A lawyer should preserve the confidences and secrets of a client.” • Ethics Opinion 384 (Sept. 1975) • Canon No. 4, Code of Professional Responsibility • Disciplinary Rule (DR) 4-101 (A) and (B) • New duty of “technical competence” for lawyers
Spencer Fane LLP | spencerfane.com Can you hear me now? • ABA Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach of Cyberattack • October 17, 2018
Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach or Cyberattack – Proactive obligations – “data breach” ≠ “data breach” • “data breach” – “a data event where material client confidential information is misappropriated, destroyed or otherwise compromised, or where a lawyer’s ability to perform the legal services for which the lawyer is hired is significantly impaired by the episode.” • Ransomware? • Service provider network outage, even if no access or exfiltraton?
Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Focus is on the overall process of protecting information, not the result. • Requires lawyers to: 1. Be competent by keeping abreast of the benefits and risks associated with relevant technology; 2. Have reasonable cybersecurity safeguards in place; 3. Follow appropriate data destruction procedures; 4. Actively monitor for breaches of client information; 5. Address third-party risk; 6. Investigate, respond to, and mitigate incidents; 7. Develop and implement an incident response plan; and 8. Notify clients in an appropriate manner when there has been a “data breach.”
Spencer Fane LLP | spencerfane.com Cybersecurity Best Practices • Risk assessment • Policies and procedures focused on cybersecurity – Culture – Social engineering, password, security questions • Train workforce on P&P, security • Phish all workforce • Multi-factor authentication • Internal controls / access controls to restrict unnecessary data risk • Data retention policy • Signature based antivirus and malware detection • No outdated or unsupported software • Patch management process • Backups segmented offline, cloud, redundant • Incident response plan • Encrypt sensitive and air-gap hypersensitive data • Adequate logging and retention • Third-party security risk management program • Firewall, intrusion detection and prevention systems • Managed services provider (MSP) or managed security services provider (MSSP) • Cyber risk insurance
Spencer Fane LLP | spencerfane.com #CCBB19
Spencer Fane LLP | spencerfane.com Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP 972.324.0317 stuma@spencerfane.com • Board, Southern Methodist University Cyber Advisory • Board of Advisors, North Texas Cyber Forensics Lab • Policy Council, National Technology Security Coalition • Practitioner Editor, Bloomberg BNA – Texas Cybersecurity & Data Privacy Law • Board of Directors & General Counsel, Cyber Future Foundation • Cybersecurity & Data Privacy Law Trailblazers, National Law Journal (2016) • SuperLawyers Top 100 Lawyers in Dallas (2016) • SuperLawyers 2015-19 • Best Lawyers in Dallas 2014-19, D Magazine (Cybersecurity Law) • Council, Computer & Technology Section, State Bar of Texas • Privacy and Data Security Committee of the State Bar of Texas • College of the State Bar of Texas • Board of Directors, Collin County Bench Bar Conference • Past Chair, Civil Litigation & Appellate Section, Collin County Bar Association • Information Security Committee of the Section on Science & Technology Committee of the American Bar Association • North Texas Crime Commission, Cybercrime Committee & Infragard (FBI) • International Association of Privacy Professionals

Recomendados

The Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachThe Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsShawn Tuma
 
The Dark Side of Digital Engagement
The Dark Side of Digital EngagementThe Dark Side of Digital Engagement
The Dark Side of Digital EngagementShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 

Recomendados

The Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachThe Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsShawn Tuma
 
The Dark Side of Digital Engagement
The Dark Side of Digital EngagementThe Dark Side of Digital Engagement
The Dark Side of Digital EngagementShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
Recovering from a Cyber Attack
Recovering from a Cyber AttackRecovering from a Cyber Attack
Recovering from a Cyber AttackShawn Tuma
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)Shawn Tuma
 
Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: FortinetJisc
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Shawn Tuma
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsJoshua Berman
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...North Texas Chapter of the ISSA
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
 
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Shawn Tuma
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowSandra Fathi
 
SME Cyber Insurance
SME Cyber Insurance SME Cyber Insurance
SME Cyber Insurance Netpluz Asia Pte Ltd
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Shawn Tuma
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial InstitutionsKhawar Nehal khawar.nehal@atrc.net.pk
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Shawn Tuma
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 

Mais conteúdo relacionado

Mais procurados

Recovering from a Cyber Attack
Recovering from a Cyber AttackRecovering from a Cyber Attack
Recovering from a Cyber AttackShawn Tuma
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...centralohioissa
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)Shawn Tuma
 
Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: FortinetJisc
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Shawn Tuma
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsJoshua Berman
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)Kroll
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...North Texas Chapter of the ISSA
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7James Nesbitt
 
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Shawn Tuma
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowSandra Fathi
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Shawn Tuma
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz Asia Pte Ltd
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationPECB
 

Mais procurados (20)

Recovering from a Cyber Attack
Recovering from a Cyber AttackRecovering from a Cyber Attack
Recovering from a Cyber Attack
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech Talk
 
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
Heather Enlow & Chris Ingram - Cybersecurity Act of 2015 and Other Hot Privac...
 
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Denver 2017 (Lunch Keynote)
 
Exhibitor session: Fortinet
Exhibitor session: FortinetExhibitor session: Fortinet
Exhibitor session: Fortinet
 
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
The Legal Case for Cybersecurity - SecureWorld Dallas 2017 (Lunch Keynote)
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...Why Your Organization Must Have a Cyber Risk Management Program and How to De...
Why Your Organization Must Have a Cyber Risk Management Program and How to De...
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall Logs
 
The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)The Science and Art of Cyber Incident Response (with Case Studies)
The Science and Art of Cyber Incident Response (with Case Studies)
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
 
Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7Industrial Control Security USA Sacramento California Oct 6/7
Industrial Control Security USA Sacramento California Oct 6/7
 
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
Cybersecurity | Fraud 2.0 Presentation to the Association of Certified Fraud ...
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to Know
 
SME Cyber Insurance
SME Cyber Insurance SME Cyber Insurance
SME Cyber Insurance
 
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
Cybersecurity (and Privacy) Issues - Legal and Compliance Issues Everyone in ...
 
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
Netpluz | Protecting your Business with eSentinel | 360° Cyber Security Simpl...
 
Cyber Security for Financial Institutions
Cyber Security for Financial InstitutionsCyber Security for Financial Institutions
Cyber Security for Financial Institutions
 
Cybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the RetaliationCybersecurity: The Danger, the Cost, the Retaliation
Cybersecurity: The Danger, the Cost, the Retaliation
 

Semelhante a Lawyers' Ethical Obligations for Cybersecurity

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Shawn Tuma
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Asad Zaman
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Riskduffeeandeitzen
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramFinancial Poise
 
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...Financial Poise
 
Cybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to KnowCybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to KnowShawn Tuma
 
Kaseya Kaspersky Breaches
Kaseya Kaspersky BreachesKaseya Kaspersky Breaches
Kaseya Kaspersky BreachesKaseya
 
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Winston & Strawn LLP
 
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...Shawn Tuma
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and SecurityArianto Muditomo
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataStephen Cobb
 
Don't let them take a byte
Don't let them take a byteDon't let them take a byte
Don't let them take a bytelgcdcpas
 
2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy Considerations2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy ConsiderationsNathan Anderson
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information PrivacyPerry Slack
 
Cyber Security - ASGFOA
Cyber Security - ASGFOACyber Security - ASGFOA
Cyber Security - ASGFOAPeter Henley
 

Semelhante a Lawyers' Ethical Obligations for Cybersecurity (20)

Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
 
Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1Multi-faceted Cyber Security v1
Multi-faceted Cyber Security v1
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
 
Privacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid ContextPrivacy, Encryption, and Anonymity in the Civil Legal Aid Context
Privacy, Encryption, and Anonymity in the Civil Legal Aid Context
 
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
 
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
CYBER SECURITY and DATA PRIVACY 2022_How to Build and Implement your Company'...
 
Cybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to KnowCybersecurity Legal Issues: What You Really Need to Know
Cybersecurity Legal Issues: What You Really Need to Know
 
Kaseya Kaspersky Breaches
Kaseya Kaspersky BreachesKaseya Kaspersky Breaches
Kaseya Kaspersky Breaches
 
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
Trade Secret Protection: Practical Advice on Protecting and Defending Your Or...
 
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
 
005. Ethics, Privacy and Security
005. Ethics, Privacy and Security005. Ethics, Privacy and Security
005. Ethics, Privacy and Security
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient Data
 
Don't let them take a byte
Don't let them take a byteDon't let them take a byte
Don't let them take a byte
 
SNW Fall 2009
SNW Fall 2009SNW Fall 2009
SNW Fall 2009
 
2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy Considerations2016 ISACA NACACS - Audit Privacy Considerations
2016 ISACA NACACS - Audit Privacy Considerations
 
Presentation on Information Privacy
Presentation on Information PrivacyPresentation on Information Privacy
Presentation on Information Privacy
 
Cyber Security - ASGFOA
Cyber Security - ASGFOACyber Security - ASGFOA
Cyber Security - ASGFOA
 

Mais de Shawn Tuma

Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackIncident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackShawn Tuma
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Shawn Tuma
 
Cyber Hygiene Checklist
Cyber Hygiene ChecklistCyber Hygiene Checklist
Cyber Hygiene ChecklistShawn Tuma
 
Cyber Incident Response Checklist
Cyber Incident Response ChecklistCyber Incident Response Checklist
Cyber Incident Response ChecklistShawn Tuma
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Shawn Tuma
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Shawn Tuma
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500Shawn Tuma
 
Cybersecurity Update
Cybersecurity UpdateCybersecurity Update
Cybersecurity UpdateShawn Tuma
 
Effective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesEffective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesShawn Tuma
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!Shawn Tuma
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...Shawn Tuma
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackCybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackShawn Tuma
 
Contracting for Better Cybersecurity
Contracting for Better CybersecurityContracting for Better Cybersecurity
Contracting for Better CybersecurityShawn Tuma
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory RealmShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsShawn Tuma
 
The Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry ExpertsThe Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry ExpertsShawn Tuma
 

Mais de Shawn Tuma (19)

Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackIncident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
 
Cyber Hygiene Checklist
Cyber Hygiene ChecklistCyber Hygiene Checklist
Cyber Hygiene Checklist
 
Cyber Incident Response Checklist
Cyber Incident Response ChecklistCyber Incident Response Checklist
Cyber Incident Response Checklist
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid Them
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
 
Cybersecurity Update
Cybersecurity UpdateCybersecurity Update
Cybersecurity Update
 
Effective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesEffective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businesses
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should Include
 
"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackCybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber Attack
 
Contracting for Better Cybersecurity
Contracting for Better CybersecurityContracting for Better Cybersecurity
Contracting for Better Cybersecurity
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal Professionals
 
The Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry ExpertsThe Essentials of Cyber Insurance: A Panel of Industry Experts
The Essentials of Cyber Insurance: A Panel of Industry Experts
 

Último

Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.2020000445musaib
 
Presentation1.pptx on sedition is a good legal point
Presentation1.pptx on sedition is a good legal pointPresentation1.pptx on sedition is a good legal point
Presentation1.pptx on sedition is a good legal pointMohdYousuf40
 
Illinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideIllinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideillinoisworknet11
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
Guide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxGuide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxjennysansano2
 
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxSarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxAnto Jebin
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...shubhuc963
 
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeBlayneRush1
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceMichael Cicero
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791BlayneRush1
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiBlayneRush1
 
Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791
Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791
Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791BlayneRush1
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsAbdul-Hakim Shabazz
 
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesAre There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesChesley Lawyer
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix
 
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdfWurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdfssuser3e15612
 
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksUnderstanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksFinlaw Associates
 
Succession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeSuccession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeMelvinPernez2
 
citizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicablecitizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicableSaraSantiago44
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书1k98h0e1
 

Último (20)

Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.
 
Presentation1.pptx on sedition is a good legal point
Presentation1.pptx on sedition is a good legal pointPresentation1.pptx on sedition is a good legal point
Presentation1.pptx on sedition is a good legal point
 
Illinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideIllinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guide
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
Guide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxGuide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docx
 
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxSarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...
 
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
 
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics GuidanceLaw360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
Law360 - How Duty Of Candor Figures In USPTO AI Ethics Guidance
 
Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791Alexis O'Connell Lexileeyogi 512-840-8791
Alexis O'Connell Lexileeyogi 512-840-8791
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
 
Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791
Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791
Alexis O'Connell Alexis Lee mugshot Lexileeyogi 512-840-8791
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
 
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesAre There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A History
 
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdfWurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
 
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksUnderstanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
 
Succession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil CodeSuccession (Articles 774-1116 Civil Code
Succession (Articles 774-1116 Civil Code
 
citizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicablecitizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicable
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
 

Lawyers' Ethical Obligations for Cybersecurity

  • 1. Spencer Fane LLP | spencerfane.com Lawyers’ Ethical Obligations for Cybersecurity Collin County Bench Bar Conference 2019 Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP | @spencerfane spencerfane.com | @shawnetuma
  • 2. But first, join us on Social Media!
  • 3. Spencer Fane LLP | spencerfane.com The Problem for Lawyers • Prefer to ignore but obligated to address • Impact all lawyers and law firms alike • Clients demanding adequate security • Law firms are an increasingly popular target – Value and sensitivity of data – Data for multiple clients
  • 4. Spencer Fane LLP | spencerfane.com
  • 5. Spencer Fane LLP | spencerfane.com
  • 6. Spencer Fane LLP | spencerfane.com The Ethics for Lawyers “A lawyer should preserve the confidences and secrets of a client.” • Ethics Opinion 384 (Sept. 1975) • Canon No. 4, Code of Professional Responsibility • Disciplinary Rule (DR) 4-101 (A) and (B) • New duty of “technical competence” for lawyers
  • 7. Spencer Fane LLP | spencerfane.com Can you hear me now? • ABA Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach of Cyberattack • October 17, 2018
  • 8. Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Lawyers’ Obligations After an Electronic Data Breach or Cyberattack – Proactive obligations – “data breach” ≠ “data breach” • “data breach” – “a data event where material client confidential information is misappropriated, destroyed or otherwise compromised, or where a lawyer’s ability to perform the legal services for which the lawyer is hired is significantly impaired by the episode.” • Ransomware? • Service provider network outage, even if no access or exfiltraton?
  • 9. Spencer Fane LLP | spencerfane.com Ethics Opinion 483 • Focus is on the overall process of protecting information, not the result. • Requires lawyers to: 1. Be competent by keeping abreast of the benefits and risks associated with relevant technology; 2. Have reasonable cybersecurity safeguards in place; 3. Follow appropriate data destruction procedures; 4. Actively monitor for breaches of client information; 5. Address third-party risk; 6. Investigate, respond to, and mitigate incidents; 7. Develop and implement an incident response plan; and 8. Notify clients in an appropriate manner when there has been a “data breach.”
  • 10. Spencer Fane LLP | spencerfane.com Cybersecurity Best Practices • Risk assessment • Policies and procedures focused on cybersecurity – Culture – Social engineering, password, security questions • Train workforce on P&P, security • Phish all workforce • Multi-factor authentication • Internal controls / access controls to restrict unnecessary data risk • Data retention policy • Signature based antivirus and malware detection • No outdated or unsupported software • Patch management process • Backups segmented offline, cloud, redundant • Incident response plan • Encrypt sensitive and air-gap hypersensitive data • Adequate logging and retention • Third-party security risk management program • Firewall, intrusion detection and prevention systems • Managed services provider (MSP) or managed security services provider (MSSP) • Cyber risk insurance
  • 11. Spencer Fane LLP | spencerfane.com #CCBB19
  • 12. Spencer Fane LLP | spencerfane.com Shawn Tuma Co-Chair, Cybersecurity & Data Privacy Spencer Fane LLP 972.324.0317 stuma@spencerfane.com • Board, Southern Methodist University Cyber Advisory • Board of Advisors, North Texas Cyber Forensics Lab • Policy Council, National Technology Security Coalition • Practitioner Editor, Bloomberg BNA – Texas Cybersecurity & Data Privacy Law • Board of Directors & General Counsel, Cyber Future Foundation • Cybersecurity & Data Privacy Law Trailblazers, National Law Journal (2016) • SuperLawyers Top 100 Lawyers in Dallas (2016) • SuperLawyers 2015-19 • Best Lawyers in Dallas 2014-19, D Magazine (Cybersecurity Law) • Council, Computer & Technology Section, State Bar of Texas • Privacy and Data Security Committee of the State Bar of Texas • College of the State Bar of Texas • Board of Directors, Collin County Bench Bar Conference • Past Chair, Civil Litigation & Appellate Section, Collin County Bar Association • Information Security Committee of the Section on Science & Technology Committee of the American Bar Association • North Texas Crime Commission, Cybercrime Committee & Infragard (FBI) • International Association of Privacy Professionals