In our most recent Digital Detectives podcast for Legal Talk Network, John and I were happy to welcome Rob Lee, a Director with the information security firm Mandiant and the curriculum lead for digital forensic training at the SANS Institute, to discuss the deplorable state of law firm security.
It resonated with us that Rob believes that law firm security is about five years behind the rest of the business world. That may be kind. Certainly we've never done a law firm security assessment without finding significant vulnerabilities and Rob's experience has been the same.
He talks extensively about Advanced Persistent Threats, the concept of defense in depth and the importance of security assessments. As he notes, hacking into law firms is so easy that the Chinese don’t even waste their “A” teams on it – the junior rookie squads can handle it.
The attitude of many law firms is that "it can't happen here." What's amazing is how many times it already has. If you're interested in law firm security, Rob offers a wealth of information in this podcast - our thanks for his willingness to share his knowledge!
E-mail: firstname.lastname@example.org Phone: 703-359-0700