Request Demo

ABA, CyberStrong, NIST Cybersecurity Framework

The ABA Handbook's One Important Takeaway: Your Law Firm Might Be Lagging On Cyber

down-arrow

Although an increasing number of businesses across the United States have taken up the project of adopting the NIST Cybersecurity Framework for their vendors and suppliers, the legal community is lagging on adopting this set of best practices. Under the Obama administration, and a 2014 executive order, the NIST Cybersecurity Framework or “The Framework” was developed with collaborative input across industries focusing on critical infrastructure security.

The ABA states that “The Framework is arguably one of the most significant documents released by NIST in the recent past, maybe ever. It already has had a definite impact on the private sector and the supply chain that currently services the nation’s critical infrastructure.”

Although the ABA is in full support, it seems that the legal sector is less than proactive about protecting its data. According to the ABA handbook released just last week, that “The value of efficient supply chains is well recognized in the business world, but law firms have been slow to recognize the trend and are catching up with their clients by viewing their work as a piece of the whole, and altering their legal service models to become value-added partners to their clients for whom supply chain management is a key profitability component.” The ABA’s “Cybersecurity Handbook: A Resource for Attorneys, Law Firms, and Business Professionals” is available online, and recommends the best practices for the legal sector related to cybersecurity.

Ultimately, the ABA handbooks notes, failure to recognize and act on these threats could threaten the viability of law firms themselves, in the case of data breach and a high probability that would result in lawsuits indicating negligence.

The law firm would experience “loss of client communication; loss of clients, revenue, and competitiveness; loss of data and unintentional disclosures; and claims for damages due to negligent acts and omissions arising from cyber incidents” according to the ABA.


Interested in Implementing The NIST Framework in Your Organization? Read the FREE NIST Cybersecurity Framework Guide for a List of Benefits and Strategies.


The call to action for these firms? “all law firms need to be prepared for a cyber disaster by having a robust and secure network in place and recognizing and implementing best practices”.

The NIST Cybersecurity Framework is held in high regard within the handbook and the ABA, as it is highly encouraged that legal entities begin adopting these cyber best practices seeing as they align with many of the cyber-related issues that can arise in a legal organization - including incident response, due diligence, and negligence. The ABA recommends its use to reduce cyber risk and also for legal entities to avoid legal issues themselves.

The Framework is a catalyst for cybersecurity strength in the organizations that choose to integrate it into their existing or growing program. It is time for organizations across all sectors to be proactive about managing and strengthening their cyber programs. 

The CyberStrong™ PowerControls™ can now give visibility in your organization, both visually and through metrics, on all 5 NIST Cybersecurity Framework Functions: Identify, Protect, Detect, Respond, and Recover, in just a few hours. Not only can you see where your existing program stands, but you can also view your goals and objectives for remediation and improvement on the same report. In addition, you will receive AI-powered intelligent recommendations based on your cost-impact preferences on how to begin or continue implementing the Framework, and similar recommendations based on the top threats in your landscape. A project that used to take months, or even an entire calendar year in some cases, just became a three hour process from beginning to end.

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption

You may also like

Contextualize Quantified Cyber ...
on April 11, 2019

Now more than ever, CISO’s are being tasked with delivering hard metrics around an enterprise’s technology and digital risk. While this is nothing new for seasoned IT ...

NYDFS Implementation Grace Period ...
on April 9, 2019

Following the Equifax breach and growing concerns about the posture of the financial industry, New York State Department of Financial Services (NYDFS) released the initial ...

CEO's - Do You Know Where That ...
on April 5, 2019

It is no secret that cybersecurity has mystified many members of the C-suite since the function was introduced. With headlines dominated by breaches and hearings of information ...

Jerry Layden
Carbon Black Report Indicates ...
on April 2, 2019

In their third Global Incident Response Threat Report our Massachusetts neighbor, Carbon Black, illustrates not only the top industries for cyber attack but a deeply concerning ...

Legacy GRC And The Sunk Cost ...
on March 28, 2019

Last month, we covered how legacy GRC products and new integrated risk management (IRM) solutions can co-exist and in fact compliment each other. That said, in order for them to ...

Alison Furneaux
What To Expect From The Imminent ...
on April 6, 2019

While the NIST Privacy Framework may be the headliner for the most anticipated new publication from the National Institute of Standards and Technology, there are two imminent ...