Kevin Szczepanski, Data Security & Technology Practice Area co-chair, was featured in the Law.com Pro Mid-Market article “Midsize and Smaller Law Firms Are Facing More Data Breach Threats.” The article examines the growing cybersecurity risks facing small and mid-size law firms, finding that while large firms continue to invest heavily in data security, smaller firms are increasingly targeted by hackers and social engineering scammers who view them as high-volume, lower-resistance targets.
Kevin raised an often-overlooked vulnerability for smaller firms: inadequate cyber insurance coverage. He emphasized that having coverage alone isn’t sufficient without ensuring that appropriate policy limits are established.
“Some smaller firms, while they do have coverage, the limits are very low,” Kevin said. “In this day and age, where financial risks are ever-increasing, you want to talk to your insurance broker, you want to talk to your cyber lawyer if you have one, but you definitely want to ensure that you have appropriate limits in place. $100,000 is not enough of a limit for your cyber liabilities. You should be looking much higher, and the cost of that insurance is really still quite reasonable, so there’s no excuse for not purchasing that risk management tool.”
Kevin also underscored the distinct vulnerabilities law firms face compared to other businesses due to the nature of the data they hold.
“Law firms are uniquely vulnerable because of the type of data that they have, including that sensitive client data, the trade secrets, the legal strategies, the privileged communication,” Kevin said. “Those are things that other organizations out there don't have to worry about, but law firms do need to worry about.”
Law.com subscribers can read the full article here.