The practice of law and the practice of information technology have at least two things in common: both use terminology which is meaningful to insiders and incomprehensible to others; both have experts constantly reiterating concerns which audiences ought to deal with.
The combination often results in a blizzard of awful warnings couched in terms which dull the senses and provoke torpor rather than action. When you see your fortieth earnest warning urging you to take steps or refrain from doing something, you switch off. This is exacerbated by the fact that most of these subjects have a finite vocabulary, much of it technical in nature.
OpenText is refreshingly free from the worst aspects of this, producing articles which do more than reiterate awful warnings in quasi-mystical terms. Their blog posts identify risks and benefits in terms which are comprehensible, with meaningful examples.
A recent OpenText blog post by Rachel Teisch is headed The lawyer’s growing role in cybersecurity. The key points are made at the beginning: lawyers are a “soft target for cybersecurity threats” who hold a “treasure-trove of high-value sensitive company information and communications”; the documents and data sent to lawyers are almost inevitably the most important ones, generally pre-filtered to be those which matter most and which, if lost or published, can cause the most damage.
Data like this also attracts increasing regulatory attention, with privacy and data protection laws bringing new risks and new obligations. That in turn increases ethical obligations, both those which lawyers have always had and new and express ones.
The article makes sensible suggestions as to how these risks can be mitigated. The most obvious, perhaps, is having security audits as a preliminary to prioritising and implementing new policies and procedures.
The article ends with a reminder that OpenText Enfuse 2019 runs from 11 to 14 November in Las Vegas, giving not just an opportunity to catch up with the latest tools and ideas, but also to share experiences with other organisations facing the same problems.
eDisclosure Information Project 