Attorneys from solo practices to large firms generate, modify, collect, exchange, and store both practice information (client lists, escrow account information, etc.) as well as client confidential information using the online services of cloud-based vendors and accordingly are at high risk for cyber-attacks such as data breaches, ransomware attacks, business email compromise, and wire transfer fraud.
Attorneys are also routinely both consumers of vendor-provided technology (practice management, financial, communications, and security) as well as providers of technology to clients through online service platforms (e.g., information sharing) that are typically provided to vendors “in the cloud.”
For attorneys, “software supply chain” risks are those that involve the exchange of information associated with the provision of legal services. Moreover, because attorneys are both technology consumers and providers, they are in the center of what is known as the “software supply chain.”