United States

Helping you understand which security framework is best for your firm

Detailed data and comparisons about security frameworks for law firms

WHITE PAPER  | 

Download white paper

With significant data breaches and cyberattacks making headlines almost on a daily basis, many law firms have realized the need for more effective security measures. Any breach or attack can result in harm to clients and a firm’s reputation, and can also lead to regulatory fines, lawsuits and lost business.

Consistent with many other industries, law firms are looking for guidance when implementing a cybersecurity strategy. However, there is no single defined framework for the entire legal industry. Firms have a variety of established frameworks from which to choose from, and knowing which one to select can be a challenge.

This diversity in frameworks is necessary to an extent, as firms can vary significantly in size and have many different functions and many different types of data. Although, without fully understanding the advantages and disadvantages of each security framework, firms cannot confidently know which one is right for them.

This research paper aims to help correct the inefficiencies and vulnerabilities that often occur when law firms are choosing a cybersecurity framework. RSM surveyed law firms across the country to determine which frameworks firms are currently using and why. Specifically, the document analyzes four common security frameworks for law firms:

  • International Organization for Standardization (ISO) 27001/27002
  • National Institute of Standards and Technology cybersecurity framework (NIST CSF)
  • Center for Internet Security (CIS)
  • Payment Card Industry Data Security Standard (PCI DSS)

The data and additional insights included in this report help to determine which framework is the best for different types of firms, making the selection process easier and ultimately improving the security for law firms and clients.  

For more information on choosing security frameworks for law firms, download the study and register for the webcast.

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.


Receive Risk Bulletin by Email

SUBSCRIBE


Cybersecurity Rapid Assessment®

Complete our Cybersecurity Rapid Assessment form to be contacted about receiving our "quick-hit" evaluation of your organization’s overall security risk.

LEARN MORE




Events/Webcasts

LIVE WEBCAST

Why data privacy matters in a public world?

  • October 24, 2019

LIVE WEBCAST

Building and assessing your physical security program

  • October 24, 2019