The Association of Corporate Counsel (ACC) recently released a set of guidelines intended to serve as a benchmark for law firm cybersecurity practices. The guidelines include information retention, return, and destruction, data handling and encryption, data breach reporting, physical security, employee background screening, and cyber liability insurance. The requirements were developed based on corporate law departments’ experiences and with input from several law firms.
The term “social engineering” used to conjure up images of social scientists with Ph.D’s brainstorming ways to improve race relations or provide lower income groups with greater access to education and employment opportunities. Today, however, the term is more frequently associated with the use of technology and basic principles of human nature to trick individuals into divulging confidential or personal information that may be used for fraudulent purposes. The social engineering techniques employed by these modern day con artists may be the biggest threat to your Company’s confidential and proprietary information.