Cybersecurity and Policy
Kafayat Omotayo
WRTG 112
UMGC
02/15/21
Commented [DW1]: Good cover page.
Table of Contents
Abstract
Introduction
Research Question
Overview
Standards
Definitions
The potential threat of a cyberattack on a law firm
Law Firms' Cyber Risk
Cyber Risk Cost Assumption and Attacks
Cyber enforcement issues for the law firms
Surveys
Prevention
Recommendations
Conclusion
References
Abstract
With the evolution of technology, all businesses use the internet and other smart devices for smooth operations in their business. The advanced use of the internet and technology has brought many security issues for businesses. This paper focuses on the current threats faced by law firms in terms of cyberattacks. An insight is provided on how law firms can be threatened by different actors for information. A survey approach has been used for collecting data for this paper.
Keywords: Cybersecurity, Law firms, Threat Actors, Information
Introduction
While firms around the world are forced continuously to enhance the complexity of their risk reduction strategies, cyber-attacks are growing steadily. A study by Lab's panda in Q3 2016 only took another 18 million malware tests. In 2017, a further report from the Division of cybercrime and intellectual property was carrying out more than 4,000 ransomware attacks daily (CCIPS). That's 300 percent more than 2015, with 1,000 ransomware attacks every day. Several studies indicate that technology has two effects—connecting the globe and simultaneously enabling cyber-attacks. In 2016, it was discovered for the very first time in history that cybercrime has taken over traditional crime by UK National Police Department and other organizations (Alwan, 2018).
In today's fast-moving dynamic environment, all businesses are using the internet for smooth functioning and to maintain competition in the business world. Ensuring the safety of the data has become the prime motive of all trades. Similarly, the relevance of cyber protection for their customers and the status of the company have begun to be understood by law firms. One of the chief duties of the law firm is to ensure the protection of clients' private legal information. There are several kinds of cybersecurity research; however, very little research has been offered on security issues in law. One of the greatest cybersecurity threats faced by law firms includes data breaches and ransom-hack attacks (Stark, 2021).
Research Question
How do threat actors obtain classified information from a law firm?
Overview
Standards
The main aim of the National Institute of Standards and Technology (NIST) is to offer an overview of how different institutions, states, or nations understand or approach "cyber-attacks." A cybersecurity policy for the European Union is being developed by the European Network and Information Security Agency (ENISA) to aim for continuity across Europe, across different international boundaries, across national borders and industries. For EU companies to comply with their cybersecurity pledge and regulation conformity, ENISA works toward harmonized standards. Homeland Security also offers a cross walking cybersecurity NIST system that provides a comprehensive checklist to classify the terms.
Commented [DW2]: Formatting: be sure to check the guidelines for the formatting. While this might be useful for some arenas, this course is aimed to familiarize you with the formatting you’ll be using in future courses (unless they request otherwise). You do not need a Table of Contents or Abstract, and the sections (introduction, body, conclusion) do not get their own headers.
Commented [DW3]: This could work as a thesis if it is slightly re-worded; your thesis should take a stance/position on the issue, one that is arguable. See the examples in our course readings for more, and develop a strong thesis here in the introduction.
Commented [DW4]: Great citing.
Commented [DW5]: Instead of these headers and sections, we need body paragraphs that each support your stance and begin with a topic sentence. See above.
Definitions
Cybercrime, as stated in the Tallinn Manual on International Law for Cyber Operations, is defined by the Australian Government under the Commonwealth Penalty Code Act 1995 as computational crimes involving unauthorized entry, modification, or disruption of electronic communication. Austria offers a wide-ranging description of cybercrime as "illegal cyber-space attacks on and through ICT systems defined by criminal or administrative laws," which includes, as well as internet crime, any crime committed through IT and communication networks. In the US and Russia, common definitions are followed: cyberspace use in conjunction with domestic or international legislation for criminal purposes. Although cybercrime is unified, law enforcement, including Interpol, typically distinguishes between the two main forms of internet-related crime: advanced (or hi-tech) cybercrime such as sophisticated hardware and software attacks, and cyber-enabled crime, where, with the onset of the internet, many "traditional" criminals have changed their course (Alwan, 2018).
The potential threat of a cyberattack on a law firm
Malware: This software helps in breaching information systems. By clicking on a link, one can install this software on their system. Spyware, ransomware, and malware are some of the examples of this program. Malware will obstruct the company's access. Also, it can copy all the information of the firm into a drive. Ransomware enables the hacker to lock the employees or owner out of the system until the firm pays the ransom to the hacker.
Phishing: The hacker acts as an authentic firm or company and tries to steal private information and login passwords.
A MITM (man-in-the-middle) attack: The hacker captures and transmits messages to two parties who believe they communicate with each other; this scam is also known as a scooping attack (Mayo, Mayo, Spencer, Spencer & Spencer, 2021).
Law Firms' Cyber Risk
Cyber Risk Cost Assumption and Attacks
In the retention agreement, cyber protection is changing and is now more than a technical challenge or an added clause. This was the greatest risk facing law firms in 2017, for example: a massive cybersecurity infringement, later related to an insider trade of $4 million-plus scam, was endured by Cravath, Swaine and Moore, and Weil Gotshal & Manges, two of US's biggest law firms. In July 2016, their little Philadelphia business, the computer system – Griesing Law – was infested by malware. Their outsourced IT supplier, Integrated Microsystems, was contacted. Jessica L. Mazzeo stated, "We caught it almost immediately". While Chief Operating Officer at Griesing Law stated that "We took down our network and ran virus software on every computer in the firm. Once we located where the virus originated, we wiped the hard drive." This incident was a revolution in law firms. Lawyers took a different approach in dealing with emails and websites (Alwan, 2018).
Commented [DW6]: Be sure to see the above notes—this needs to be formatted into an essay.
Cyber enforcement issues for the law firms
Unlike any businesses, law firms are prone to breaching and quite a lot of them have a requirement of pre-breaching safety. If a problem emerges, a corporation will be far superior to its customers, its government regulations, or compliance organizations, if the firm can illustrate the following: (1) their protection agenda is consistent with best practices, (2) they have active management, (3) all the procedures and applications are being followed well, and (4) adequate tools are involved in detecting malware and illegal activities. The lack of investment in cybersecurity is one of the biggest issues. Many legal professionals (lawyers) describe costs as an important factor in the planning of cyber-attacks, why law firms fall behind. At least up-to-date software is needed for an efficient cyber risk program and is very expensive for all law firms. Law firms have never been highly technical and are now pressurized to upgrade their systems, as company breaches are being publicized by news and consumers are increasingly asking about protection (Heikkila, 2009). In New York at the beginning of 2012, the FBI released notices to businesses to discuss the possibility of infringements and misuse of consumer data. Alan Paller, the research director for the Cyber Training SANS Institute, disclosed at the same time that he had a wonderful conversation with associates from a New York corporation, told the FBI that they had all their consumer records were stolen (Alwan, 2018).
Surveys
In the areas of personal injuries, housing, tax, and intellectual property, law firms serve as custodians for intensely sensitive details for their customers. It is therefore important to maintain appropriate procedures for cybersecurity to guard the information and maintain the trust that consumers put in them. Breakdown of this process results in degradation of the company's reputation and severe consequences for clients. Several cases are depicting the above scenario. For example, in the year 2020, a file was hacked in September, having the information of 9 employees. All the important and personal information like name, phone number, email address, passport number, social number, and other important details that could be used as identity theft. To recover all the employees from the cyber hack, the law company had to pay free credit monitoring service to all its client's employees. It is estimated by the American Bar Association that almost 29% of respondents on the survey have faced cyber threats related to data breaches. But only 34% of firms are maintaining the plan of cybersecurity incidents ("2020 Cybersecurity", 2021).
A survey of dark-web activity stated that how actors monetize their abuse of law firms (screenshot in Appendix 1). This is accomplished largely by the hacking and reselling of a law firm's data. For example, in the given (Appendix 1) on June 14, 2020, on the forum Dark Web, the risk player "pirate cap" proposed to trade. The approach of a domain manager level to a law firm offered at the USD 24 million in revenue, where the opening offer was USD 500 (Andariel, 2021). Another such example can be seen in Appendix 2. On October 28, 2020, a risk factor "whisper". With the message, they give a business in the area of corporate law and advocacy access to 25 hosts on the network of the target company. This is likely to be a considerably higher access standard from the 25 hosts to the starting request of the USD 1,000. This would cause great harm to the law firm (Tyler Combs, 2021).
Commented [DW7]: Sentence fragment—overall, I’m seeing a lot of sentence issues, mostly revolving around wording that is hard to understand. Be sure to proofread carefully.
Commented [DW8]: This is another example of a fragment.
Prevention
Although the cybersecurity of law firms is seriously threatened, there is clear action that is vital for law firms to take to defend themselves. As stated earlier, a 2020 cybersecurity study from the American Bar Association found that incident response plans were in place only for 34% of the respondent of law firms. Therefore, business monitoring and cyber-attack recovery protocols are a valuable starting point. If lawyers do not know how to speak when a suspicious email is opened or major files are lost, and nobody is responsible for fixing these problems, a company is opening up to simple manipulation.
A cognitive approach to cybersecurity: This is another approach that can be brought into practice. In this various approach to cybersecurity is defined. It is motivated by human cognition to learn diverse information. In Oxford's dictionary, awareness is characterized as "the mental action or process of acquiring knowledge and understanding through thought, experience, and the senses".
One new feature of our frame is its capacity to assimilate complex textual information and combine it with wrongdoing, identification of known and unknown attacks. With written sources, the key problem is that the knowledge may be incomplete and is for human use (Narayanan et al., 2018). However, trained individuals must be aware of constructive cyber safety to avoid attacks in the first place. Most of the cybersecurity workers at big corporations (those who hire over 100 lawyers) have been dedicated for this purpose, although this figure is dropping dramatically as the size of the businesses reduces. However, whatever the scale it is, workers must grasp simple security procedures. Cybersecurity requirements can differ greatly according to the size and capabilities of the organization. For certain businesses, this would also include instruction in activities such as efficient login credentials protection, fraudulent email detection, and other cheap and typical prevention. Because of the comparatively few law professionals with IT backgrounds, this is especially required. Last but not least, law firms must be kept updated on the cyber challenges they face. Via the loss prevention services of AdvIntel, businesses may have access to specialized, proprietary sources of knowledge on risks. By detecting prominent botnets associated with ranch bands and analyzing DarkWeb markets, AdvIntel, and our Andariel network, law firms are provided with real-time information on their most volatile and active risks. Our approach to intelligence gathering and research is to help law firms retain a strategic advantage over the risks that are meant to manipulate them, and we view the legal industry as one of our focus industries.
Commented [DW9]: This is an example of a sentence whose wording doesn’t quite make sense. “There is clear action that it is vital” is hard to understand. Be sure to proofread the document carefully.
Commented [DW10]: This is another example.
Recommendations
Apart from the aforementioned research, further investigation in this emerging field is recommended. The first review paper to be established from this research work can be developed considering other similar legal sectors, including businesses or application service providers for law support programs. For instance, a sample of cybersecurity feedback may be analyzed and compared with legal firms and can be used to detect if the protection of corporate laws is perceived differently.
Conclusion
Following an impact assessment and liability on all possible kinds of risks to data privacy, it seems like the most important lesson to be learned from past company violations is that cyber policy and regulatory processes are not consistent, successful, and consistent. This emphasizes the need for a comprehensive cybersecurity solution. Law firms should not only comply with the regulatory checklist but should also make a list in its entirety and go above what regulators expect to secure not only their data but also the data of their clients. Policymakers must now evaluate and enforce the regulations that have been checked in these studies to guarantee that the internet is more protected to protect their clients.
Commented [DW11]: I’m not sure what you mean here—you are repeating “consistent.”
References
John Reed Stark. 2021. Law Firms and Cybersecurity: A Comprehensive Guide for Law Firm Executive Committees. Retrieved 15 February 2021, from https://www.johnreedstark.com/wp-content/uploads/sites/180/2016/04/Law-Firm-Cybersecurity-Guide-Final-PDF.pdf
Alwan, H. (2018). Policy Development and Frameworks for Cyber Security in Corporates and Law Firms. International Journal Of Legal Information, 46(3), 137-162. DOI: 10.1017/Jul.2018.41
Mayo, V., Mayo, V., Spencer, K., Spencer, K., & Spencer, K. (2021). The Role of Cybersecurity in the Legal Field. Retrieved 15 February 2021, from https://www.biggerlawfirm.com/the-role-of-cybersecurity-in-the-legal-field/
Faith M. Heikkila. (2009). An Analysis of the Impact of Information Security Policies on Computer Security Breach Incidents in Law Firms. Retrieve at https://core.ac.uk/download/pdf/51097899.pdf
S. N. Narayanan, A. Ganesan, K. Joshi, T. Oates, A. Joshi, and T. Finin. 2018. "Early Detection of Cybersecurity Threats Using Collaborative Cognition," IEEE 4th International Conference on Collaboration and Internet Computing (CIC), Philadelphia, PA, 2018, pp. 354-363, DOI: 10.1109/CIC.2018.00054.
Commented [DW12]: Alphabetize by first letter in the entry. O
Commented [DW13]: Be sure to use APA format—the last name goes first.
Andariel. (2021). Threat Prevention. Retrieved 15 February 2021, from https://8dfd1b9a-1d6d-4233-af4b-26b0945b72b9.filesusr.com/ugd/0e8cc9_a30a4def495049a28c511e92ef29959d.pdf
Tyler Combs. (2021). Retrieved 15 February 2021, from https://www.advanced-intel.com/post/breach-of-trust-how-threat-actors-leverage-confidential-information-against-law-firms
2020 Cybersecurity. (2021). Retrieved 15 February 2021, from https://www.americanbar.org/groups/law_practice/publications/techreport/2020/cybersecurity/
Cybersecurity and Policy Kafayat Omotayo WRTG 112

More Related Content

Similar to Cybersecurity and Policy Kafayat Omotayo WRTG 112

12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
AnastaciaShadelb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
ChantellPantoja184
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
Tracy Berry
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
maribethy2y
 
Improved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationImproved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperation
rrepko
 

Similar to Cybersecurity and Policy Kafayat Omotayo WRTG 112 (11)

A01450131
A01450131A01450131
A01450131
 
Case Study.pdf
Case Study.pdfCase Study.pdf
Case Study.pdf
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
Information Security And The Healthcare
Information Security And The HealthcareInformation Security And The Healthcare
Information Security And The Healthcare
 
INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...
INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...
INFORMATION SECURITY MANAGEMENT - Critique the employment of ethical hacking ...
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
 
Securing the digital economy
Securing the digital economySecuring the digital economy
Securing the digital economy
 
Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet Securing the Digital Economy: Reinventing the Internet
Securing the Digital Economy: Reinventing the Internet
 
Improved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperationImproved-Cybersecurity-cooperation
Improved-Cybersecurity-cooperation
 

More from OllieShoresna

Think_Vision W5- Importance of VaccinationImportance of Vaccinatio.docx
Think_Vision W5- Importance of VaccinationImportance of Vaccinatio.docxThink_Vision W5- Importance of VaccinationImportance of Vaccinatio.docx
Think_Vision W5- Importance of VaccinationImportance of Vaccinatio.docx
OllieShoresna
 
Thinks for both only 50 words as much for each one1-xxxxd, unf.docx
Thinks for both only 50 words as much for each one1-xxxxd, unf.docxThinks for both only 50 words as much for each one1-xxxxd, unf.docx
Thinks for both only 50 words as much for each one1-xxxxd, unf.docx
OllieShoresna
 

More from OllieShoresna (20)

this assignment is about Mesopotamia and Egypt. Some of these cu.docx
this assignment is about Mesopotamia and Egypt. Some of these cu.docxthis assignment is about Mesopotamia and Egypt. Some of these cu.docx
this assignment is about Mesopotamia and Egypt. Some of these cu.docx
 
This assignment has two goals 1) have students increase their under.docx
This assignment has two goals 1) have students increase their under.docxThis assignment has two goals 1) have students increase their under.docx
This assignment has two goals 1) have students increase their under.docx
 
This assignment has two parts 1 paragraph per questionIn wh.docx
This assignment has two parts 1 paragraph per questionIn wh.docxThis assignment has two parts 1 paragraph per questionIn wh.docx
This assignment has two parts 1 paragraph per questionIn wh.docx
 
This assignment is a minimum of 100 word all parts of each querstion.docx
This assignment is a minimum of 100 word all parts of each querstion.docxThis assignment is a minimum of 100 word all parts of each querstion.docx
This assignment is a minimum of 100 word all parts of each querstion.docx
 
This assignment has three elements a traditional combination format.docx
This assignment has three elements a traditional combination format.docxThis assignment has three elements a traditional combination format.docx
This assignment has three elements a traditional combination format.docx
 
This assignment has four partsWhat changes in business software p.docx
This assignment has four partsWhat changes in business software p.docxThis assignment has four partsWhat changes in business software p.docx
This assignment has four partsWhat changes in business software p.docx
 
This assignment consists of two partsthe core evaluation, a.docx
This assignment consists of two partsthe core evaluation, a.docxThis assignment consists of two partsthe core evaluation, a.docx
This assignment consists of two partsthe core evaluation, a.docx
 
This assignment asks you to analyze a significant textual elemen.docx
This assignment asks you to analyze a significant textual elemen.docxThis assignment asks you to analyze a significant textual elemen.docx
This assignment asks you to analyze a significant textual elemen.docx
 
This assignment allows you to learn more about one key person in Jew.docx
This assignment allows you to learn more about one key person in Jew.docxThis assignment allows you to learn more about one key person in Jew.docx
This assignment allows you to learn more about one key person in Jew.docx
 
This assignment allows you to explore the effects of social influe.docx
This assignment allows you to explore the effects of social influe.docxThis assignment allows you to explore the effects of social influe.docx
This assignment allows you to explore the effects of social influe.docx
 
This assignment addresses pretrial procedures that occur prior to th.docx
This assignment addresses pretrial procedures that occur prior to th.docxThis assignment addresses pretrial procedures that occur prior to th.docx
This assignment addresses pretrial procedures that occur prior to th.docx
 
This assignment allows you to learn more about one key person in J.docx
This assignment allows you to learn more about one key person in J.docxThis assignment allows you to learn more about one key person in J.docx
This assignment allows you to learn more about one key person in J.docx
 
This assignment allows you to explore the effects of social infl.docx
This assignment allows you to explore the effects of social infl.docxThis assignment allows you to explore the effects of social infl.docx
This assignment allows you to explore the effects of social infl.docx
 
this about communication please i eant you answer this question.docx
this about communication please i eant you answer this question.docxthis about communication please i eant you answer this question.docx
this about communication please i eant you answer this question.docx
 
Think of a time when a company did not process an order or perform a.docx
Think of a time when a company did not process an order or perform a.docxThink of a time when a company did not process an order or perform a.docx
Think of a time when a company did not process an order or perform a.docx
 
Think_Vision W5- Importance of VaccinationImportance of Vaccinatio.docx
Think_Vision W5- Importance of VaccinationImportance of Vaccinatio.docxThink_Vision W5- Importance of VaccinationImportance of Vaccinatio.docx
Think_Vision W5- Importance of VaccinationImportance of Vaccinatio.docx
 
Thinks for both only 50 words as much for each one1-xxxxd, unf.docx
Thinks for both only 50 words as much for each one1-xxxxd, unf.docxThinks for both only 50 words as much for each one1-xxxxd, unf.docx
Thinks for both only 50 words as much for each one1-xxxxd, unf.docx
 
Think of a specific change you would like to bring to your organizat.docx
Think of a specific change you would like to bring to your organizat.docxThink of a specific change you would like to bring to your organizat.docx
Think of a specific change you would like to bring to your organizat.docx
 
Think of a possible change initiative in your selected organization..docx
Think of a possible change initiative in your selected organization..docxThink of a possible change initiative in your selected organization..docx
Think of a possible change initiative in your selected organization..docx
 
Thinking About Research PaperConsider the research question and .docx
Thinking About Research PaperConsider the research question and .docxThinking About Research PaperConsider the research question and .docx
Thinking About Research PaperConsider the research question and .docx
 

Recently uploaded

QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
httgc7rh9c
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
AnaAcapella
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
EADTU
 

Recently uploaded (20)

Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Tatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsTatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf arts
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...

Cybersecurity and Policy Kafayat Omotayo WRTG 112

  • 1. Cybersecurity and Policy Kafayat Omotayo WRTG 112 UMGC 02/15/21 Commented [DW1]: Good cover page. Table of Contents: Abstract; Introduction; Research Question;
  • 2. Overview; Standards; Definitions; The potential threat of a cyberattack on a law firm; Law Firms’ Cyber Risk; Cyber Risk Cost Assumption and Attacks; Cyber enforcement issues for the law firms; Surveys; Prevention; Recommendations;
  • 3. Conclusion; References. Abstract With the evolution of technology, all businesses use the internet and other smart devices for smooth operations in their business. The advanced use of the internet and technology has brought many security issues for businesses. This paper focuses on the current threats faced by law firms in terms of cyberattacks. An insight is provided on how law firms can be threatened by different actors for information. A survey approach has been used for collecting data for this paper. Keywords: Cybersecurity, Law firms, Threat Actors, Information Introduction
  • 4. While firms around the world are forced continuously to enhance the complexity of their risk reduction strategies, cyber-attacks are growing steadily. A study by Lab's panda in Q3 2016 only took another 18 million malware tests. In 2017, a further report, from the Division of cybercrime and intellectual property (CCIPS), put the number of ransomware attacks at more than 4,000 daily. That's 300 percent more than in 2015, which saw 1,000 ransomware attacks every day. Several studies indicate that technology has two effects: connecting the globe and simultaneously enabling cyber-attacks. In 2016, the UK National Police Department and other organizations discovered, for the very first time in history, that cybercrime had taken over traditional crime (Alwan, 2018). In today's fast-moving dynamic environment, all businesses use the internet to function smoothly and to stay competitive in the business world. Ensuring the safety of data has become the prime motive of all trades. Similarly, law firms have begun to understand the relevance of cyber protection for their customers and for the status of the company. One of the chief duties of the law firm is to ensure the protection of clients' private legal information. There are several kinds of cybersecurity research; however, very little research has been offered on security issues in law. Among the greatest cybersecurity threats faced by law firms are data breaches and ransom-hack attacks (Stark, 2021). Research Question How do threat actors obtain classified information from a law firm?
  • 5. Overview Standards The main aim of the National Institute of Standards and Technology (NIST) is to offer an overview of how different institutions, states, or nations understand or approach "cyber-attacks." A cybersecurity policy for the European Union is being developed by the European Network and Information Security Agency (ENISA) to aim for continuity across Europe, across different international boundaries, across national borders and industries. For EU companies to comply with their cybersecurity pledge and regulation conformity, ENISA works toward harmonized standards. Homeland Security also offers a cross walking cybersecurity NIST system that provides a comprehensive checklist to classify the terms. Commented [DW2]: Formatting: be sure to check the guidelines for the formatting. While this might be useful for some arenas, this course is aimed to familiarize you with the formatting you’ll be using in future courses (unless they request otherwise). You do not need a Table of Contents or Abstract, and the sections (introduction, body, conclusion) do not get their own headers. Commented [DW3]: This could work as a thesis if it is slightly re-worded; your thesis should take a stance/position on the issue, one that is arguable. See the examples in our course readings for more, and develop a strong thesis here in the introduction.
  • 6. Commented [DW4]: Great citing. Commented [DW5]: Instead of these headers and sections, we need body paragraphs that each support your stance and begin with a topic sentence. See above. Definitions Cybercrime, as stated in the Tallinn Manual on International Law for Cyber Operations, is defined by the Australian Government under the Commonwealth Penalty Code Act 1995 as computational crimes involving unauthorized entry, modification, or disruption of electronic communication. Austria offers a wide-ranging description of cybercrime as "illegal cyber-space attacks on and through ICT systems defined by criminal or administrative laws," which includes, as well as internet crime, any crime committed through IT and communication networks. In the US and Russia, common definitions are followed: cyberspace use in conjunction with domestic or international legislation for criminal purposes. Although cybercrime is unified, law enforcement, including Interpol, typically distinguishes between the two main forms of internet-related crime: advanced (or hi-tech) cybercrime, such as sophisticated hardware and software attacks, and cyber-enabled crime, where, with the onset of the internet, many "traditional" criminals have changed their course (Alwan, 2018). The potential threat of a cyberattack on a law firm
  • 7. Malware: This software helps in breaching information systems. By clicking on a link, one can install this software on their system. Spyware, ransomware, and malware are some of the examples of this program. Malware will obstruct the company's access. Also, it can copy all the information of the firm into a drive. Ransomware enables the hacker to lock the employees or owner out of the system until the firm pays the ransom to the hacker. Phishing: The hacker acts as an authentic firm or company and tries to steal private information and login passwords. A MITM (man-in-the-middle) attack: The hacker captures and transmits messages to two parties who believe they communicate with each other; this scam is also known as a scooping attack (Mayo, Mayo, Spencer, Spencer & Spencer, 2021). Law Firms' Cyber Risk Cyber Risk Cost Assumption and Attacks In the retention agreement, cyber protection is changing and is now more than a technical challenge or an added clause. This was the greatest risk facing law firms in 2017. For example, a massive cybersecurity infringement, later related to an insider-trading scam of $4 million-plus, was endured by Cravath, Swaine and Moore, and Weil Gotshal & Manges, two of the US's biggest law firms. In July 2016, the computer system of a little Philadelphia business, Griesing Law, was infested by malware. Their outsourced IT supplier,
  • 8. Integrated Microsystems, was contacted. Jessica L. Mazzeo stated, "We caught it almost immediately". While Chief Operating Officer at Griesing Law stated that "We took down our network and ran virus software on every computer in the firm. Once we located where the virus originated, we wiped the hard drive." This incident was a revolution in law firms. Lawyers took a different approach in dealing with emails and websites (Alwan, 2018). Commented [DW6]: Be sure to see the above notes—this needs to be formatted into an essay. Cyber enforcement issues for the law firms Unlike any businesses, law firms are prone to breaching, and quite a lot of them have a requirement of pre-breach safety. If a problem emerges, a corporation will be far superior to its customers, its government regulations, or compliance organizations, if the firm can illustrate the following: (1) their protection agenda is consistent with best practices, (2) they have active management, (3) all the procedures and applications are being followed well, and (4) adequate tools are involved in detecting malware and illegal activities. The lack of investment in cybersecurity is one of the biggest issues. Many legal professionals (lawyers) describe costs as an important factor in the planning of cyber-attacks, why law firms fall behind. At least up-to-date software is needed for an efficient cyber risk program and
  • 9. is very expensive for all law firms. Law firms have never been highly technical and are now pressurized to upgrade their systems, as company breaches are being publicized by news and consumers are increasingly asking about protection (Heikkila, 2009). In New York at the beginning of 2012, the FBI released notices to businesses to discuss the possibility of infringements and misuse of consumer data. Alan Paller, the research director for the Cyber Training SANS Institute, disclosed at the same time that he had a wonderful conversation with associates from a New York corporation, told the FBI that they had all their consumer records were stolen (Alwan, 2018). Surveys In the areas of personal injuries, housing, tax, and intellectual property, law firms serve as custodians for intensely sensitive details for their customers. It is therefore important to maintain appropriate procedures for cybersecurity to guard the information and maintain the trust that consumers put in them. A breakdown of this process results in degradation of the company's reputation and severe consequences for clients. Several cases depict the above scenario. For example, in the year 2020, a file was hacked in September, containing the information of 9 employees. All the important and personal information like name, phone number, email address, passport number, social number, and other important details that could be used as identity theft. To recover all the employees from the cyber hack, the law company had to pay free credit
  • 10. monitoring service to all its client's employees. It is estimated by the American Bar Association that almost 29% of respondents on the survey have faced cyber threats related to data breaches. But only 34% of firms are maintaining the plan of cybersecurity incidents ("2020 Cybersecurity", 2021). A survey of dark-web activity showed how actors monetize their abuse of law firms (screenshot in appendix 1). This is accomplished largely by the hacking and reselling of a law firm's data. For example, in the given (Appendix 1) on June 14, 2020, on the forum Dark Web, the risk player "pirate cap" proposed to trade. The approach of a domain manager level to a law firm offered at the USD 24 million in revenue, where the opening offer was USD 500 (Andariel, 2021). Another such example can be seen in appendix 2. On October 28, 2020, a risk factor "whisper". With the message, they give a business in the area of corporate law and advocacy access to 25 hosts on the network of the target company. This is likely to be a considerably higher access standard from the 25 hosts to the starting request of the USD 1,000. This would cause great harm to the law firm (Tyler Combs, 2021). Commented [DW7]: Sentence fragment—overall, I’m seeing a lot of sentence issues, mostly revolving around wording that is hard to understand. Be sure to proofread carefully. Commented [DW8]: This is another example of a fragment.
  • 11. Prevention Although the cybersecurity of law firms is seriously threatened, there is clear action that is vital for law firms to take to defend themselves. As stated earlier, a 2020 cybersecurity study from the American Bar Association found that incident response plans were in place for only 34% of the respondent law firms. Therefore, business monitoring and cyber-attack recovery protocols are a valuable starting point. If lawyers do not know how to speak when a suspicious email is opened or major files are lost, and nobody is responsible for fixing these problems, a company is opening up to simple manipulation. A cognitive approach to cybersecurity: This is another approach that can be brought into practice. In this various approach to cybersecurity is defined. It is motivated by human cognition to learn diverse information. In Oxford's dictionary, awareness is characterized as "the mental action or process of acquiring knowledge and understanding through thought, experience, and the senses". One new feature of our frame is its capacity to assimilate complex textual information and combine it with wrongdoing, identification of known and unknown attacks. With written sources, the key problem is that the knowledge may be
  • 12. incomplete and is for human use (Narayanan et al., 2018). However, trained individuals must be aware of constructive cyber safety to avoid attacks in the first place. Most of the cybersecurity workers at big corporations (those who hire over 100 lawyers) have been dedicated for this purpose, although this figure is dropping dramatically as the size of the businesses reduces. However, whatever the scale it is, workers must grasp simple security procedures. Cybersecurity requirements can differ greatly according to the size and capabilities of the organization. For certain businesses, this would also include instruction in activities such as efficient login credentials protection, fraudulent email detection, and other cheap and typical prevention. Because of the comparatively few law professionals with IT backgrounds, this is especially required. Last but not least, law firms must be kept updated on the cyber challenges they face. Via the loss prevention services of AdvIntel, businesses may have access to specialized, proprietary sources of knowledge on risks. By detecting prominent botnets associated with ranch bands and analyzing DarkWeb markets, AdvIntel, and our Andariel network, law firms are provided with real-time information on their most volatile and active risks. Our approach to intelligence gathering and research is to help law firms retain a strategic advantage over the risks that are meant to manipulate them, and we view the legal industry as one of our focus industries.
  • 13. Commented [DW9]: This is an example of a sentence whose wording doesn’t quite make sense. “There is clear action that it is vital” is hard to understand. Be sure to proofread the document carefully. Commented [DW10]: This is another example. Recommendations Apart from the aforementioned research, further investigation in this emerging field is recommended. The first review paper to be established from this research work can be developed considering other similar legal sectors, including businesses or application service providers for law support programs. For instance, a sample of cybersecurity feedback may be analyzed and compared with legal firms and can be used to detect if the protection of corporate laws is perceived differently. Conclusion Following an impact assessment and liability on all possible kinds of risks to data privacy, it seems like the most important lesson to be learned
  • 14. from past company violations is that cyber policy and regulatory processes are not consistent, successful, and consistent. This emphasizes the need for a comprehensive cybersecurity solution. Law firms should not only comply with the regulatory checklist but should also make a list in its entirety and go above what regulators expect to secure not only their data but also the data of their clients. Policymakers must now evaluate and enforce the regulations that have been checked in these studies to guarantee that the internet is more protected to protect their clients. Commented [DW11]: I’m not sure what you mean here— you are repeating “consistent.” References John Reed Stark. 2021. Law Firms and Cybersecurity: A Comprehensive Guide for Law Firm Executive Committees. Retrieved 15 February 2021, from https://www.johnreedstark.com/wp-content/uploads/sites/180/2016/04/Law-Firm-Cybersecurity-Guide-Final-PDF.pdf
  • 15. Alwan, H. (2018). Policy Development and Frameworks for Cyber Security in Corporates and Law Firms. International Journal of Legal Information, 46(3), 137-162. DOI: 10.1017/Jul.2018.41 Mayo, V., Mayo, V., Spencer, K., Spencer, K., & Spencer, K. (2021). The Role of Cybersecurity in the Legal Field. Retrieved 15 February 2021, from https://www.biggerlawfirm.com/the-role-of-cybersecurity-in-the-legal-field/ Faith M. Heikkila. (2009). An Analysis of the Impact of Information Security Policies on Computer Security Breach Incidents in Law Firms. Retrieved from https://core.ac.uk/download/pdf/51097899.pdf S. N. Narayanan, A. Ganesan, K. Joshi, T. Oates, A. Joshi, and T. Finin. 2018. "Early Detection of Cybersecurity Threats Using Collaborative Cognition," IEEE 4th International Conference on Collaboration and Internet Computing (CIC), Philadelphia, PA, 2018, pp. 354-363, DOI: 10.1109/CIC.2018.00054.
  • 16. Commented [DW12]: Alphabetize by first letter in the entry. O Commented [DW13]: Be sure to use APA format—the last name goes first. Andariel. (2021). Threat Prevention. Retrieved 15 February 2021, from https://8dfd1b9a-1d6d-4233-af4b-26b0945b72b9.filesusr.com/ugd/0e8cc9_a30a4def495049a28c511e92ef29959d.pdf Tyler Combs. (2021). Retrieved 15 February 2021, from https://www.advanced-intel.com/post/breach-of-trust-how-threat-actors-leverage-confidential-information-against-law-firms 2020 Cybersecurity. (2021). Retrieved 15 February 2021, from https://www.americanbar.org/groups/law_practice/publications/techreport/2020/cybersecurity/