Information Security News mailing list archives

Re: One in ten law firms suffered security breaches

From: InfoSec News <isn () c4i org>
Date: Mon, 8 Aug 2005 00:01:23 -0500 (CDT)

Forwarded from: Mark Bernard <Mark.Bernard () TechSecure ca>

Dear Associates,

How about the handling of private information?  Here in Canada privacy
rights are rescinded when someone is caught committing a crime, so
likely law firms maintain records including email relevant to cases.  
What happens to these records when a person is found not guilty or
punished for a crime?  This appears to be a grey area in the data
retention law and now we are seeing that law firms are also vulnerable
to exploits.

Best regards,
Mark.


Mark E. S. Bernard, CISM, CISSP, PM,
e-mail: Mark.Bernard () TechSecure ca; Web: http://www.TechSecure.ca; Phone: 
(506) 325-0444


----- Original Message ----- 
From: "InfoSec News" <isn () c4i org>
To: <isn () attrition org>
Sent: Friday, August 05, 2005 2:05 AM
Subject: [ISN] One in ten law firms suffered security breaches

http://www.theinquirer.net/?article=25159

By INQUIRER staff
04 August 2005

ACCORDING TO AN NOP World survey, 50% of law firms in the UK are
missing basic security measures and just under half have no budget
dedicated to digital security, despite the recently increasing IT
security threats.

100 UK law firms were included in the NOP World survey commissioned
by security specialists Evolution Security Systems.

According to the survey, one in ten firms had suffered digital
security breaches over the past year - showing absolutely no sign of
improvement with exactly the same odds the year before. Over half of
the firms believe that digital threats are increasing, yet have
failed to take appropriate prevention steps.

The survey found that even though there is a one in ten chance of a
UK law firm suffering from digital security breaches, over half of
those surveyed still asked co-workers to check their e-mails, while
one quarter have never changed their e-mail passwords. Perhaps more
worryingly, four out of ten firms that were questioned had
absolutely no idea what to do in case of a serious IT malfunction,
having no disaster recovery plans, or even having thought of such
things.


[...]



_________________________________________
Attend ToorCon 
Sept 16-18th, 2005
Convention Center
San Diego, California
www.toorcon.org

Current thread:

One in ten law firms suffered security breaches InfoSec News (Aug 04)
- <Possible follow-ups>
- Re: One in ten law firms suffered security breaches InfoSec News (Aug 07)