{"id":99494,"date":"2025-01-07T22:22:29","date_gmt":"2025-01-08T06:22:29","guid":{"rendered":"https:\/\/xira.com\/p\/2025\/01\/07\/nc-state-bar-rolls-out-cybersecurity-self-assessment\/"},"modified":"2025-01-07T22:22:29","modified_gmt":"2025-01-08T06:22:29","slug":"nc-state-bar-rolls-out-cybersecurity-self-assessment","status":"publish","type":"post","link":"https:\/\/xira.com\/p\/2025\/01\/07\/nc-state-bar-rolls-out-cybersecurity-self-assessment\/","title":{"rendered":"NC State Bar Rolls Out Cybersecurity Self-Assessment"},"content":{"rendered":"<p>\u201cThere is no correct answer to the questions, \u2018How much cybersecurity does my law firm need?\u2019 or \u2018How much should I spend on cybersecurity?\u2019 There is no one size fits all,\u201d said Peter Bolac, the new executive director of the North Carolina State Bar.<\/p>\n<p>The State Bar and Lawyers Mutual have developed a free Cybersecurity Self-Assessment designed to help lawyers and law firms evaluate and strengthen their cybersecurity protocols. Bolac spoke with me about the project.<\/p>\n<p><strong>PB:<\/strong> The Cybersecurity Self-Assessment is a series of relatively broad questions in areas regarding budgeting, hiring and staffing, basic safe security protocols, and standards and procedures. It lets lawyers answer these questions and then provides tailored resources such as checklists, videos and handbooks from vetted sources. Based on their answers to the questions in the assessment, lawyers can continue to learn and improve their practices. For example, a lawyer who scores low on questions pertaining to disaster planning would be provided with guides to disaster planning and incident response.<\/p>\n<p>The State Bar requires one hour of technology CLE for lawyers every reporting period. Continuous learning in this area is necessary. It\u2019s essential to a lawyer\u2019s practice. Lawyers who complete the self-assessment receive one free hour of technology training CLE credit.<\/p>\n<p><strong>AALM:<\/strong> Is the State Bar considering adopting minimum cybersecurity requirements for law firms?<\/p>\n<p><strong>PB:<\/strong> We have an ethics opinion about using software as a service that includes guidance on a lawyer\u2019s duty of competence in technology and cybersecurity, but we don\u2019t set minimum security requirements because it can create a false sense of security when the risks are constantly changing. In this area, we\u2019re forced to go back to the classic lawyer phrases of \u201creasonableness\u201d and \u201cdue diligence.\u201d As much as lawyers would prefer that we give them \u201cif you do this, you\u2019ll be OK,\u201d there is no one-size-fits-all answer to that question. Law firms have different industry-specific requirements and hold different kinds of sensitive data. Therefore, what might be enough security for one law firm might not be sufficient for others. This assessment gives lawyers the resources to help them make those decisions.<\/p>\n<p>At a minimum, lawyers must stay abreast of changes in the cybersecurity laws and changes in the specific technologies relevant to their practice.<\/p>\n<p><strong>AALM:<\/strong> A 2023 ABA survey reported that 80% of respondents have one or more policies governing technology. That means a lot firms are still not addressing cybersecurity.<\/p>\n<p><strong>PB:<\/strong> Hiding your head in the sand is no longer acceptable. Claiming ignorance is not going to work. We\u2019ve all been targets. The State Bar in 2019 was the subject of a ransomware attack. It\u2019s happening everywhere. Law firms are a constant target because of the sensitive information that they are holding. The industry uses the phrase \u201cit\u2019s not if, it\u2019s when\u201d in terms of cyber-attacks, and lawyers need to be prepared.<\/p>\n<p><em>Complete the self-assessment at <a rel=\"nofollow noopener\" href=\"https:\/\/ncsb.avvy.pro\/\" target=\"_blank\">https:\/\/ncsb.avvy.pro\/<\/a>. Complete the 1 CLE credit request form at<br \/><a rel=\"nofollow noopener\" href=\"https:\/\/forms.office.com\/g\/BBPThxLZ1g\" target=\"_blank\">https:\/\/forms.office.com\/g\/BBPThxLZ1g<\/a>.<\/em><\/p>\n<p>The post <a rel=\"nofollow noopener\" href=\"https:\/\/attorneyatlawmagazine.com\/legal-technology\/it-services\/cybersecurity\/nc-state-bar-rolls-out-cybersecurity-self-assessment\" target=\"_blank\">NC State Bar Rolls Out Cybersecurity Self-Assessment<\/a> appeared first on <a rel=\"nofollow noopener\" href=\"https:\/\/attorneyatlawmagazine.com\/\" target=\"_blank\">Attorney at Law Magazine<\/a>.<\/p>\n<div class=\"gdpr_lightbox-hide\" role=\"complementary\" aria-label=\"GDPR Settings Screen\">\n<div class=\"moove-gdpr-modal-content moove-clearfix logo-position-left moove_gdpr_modal_theme_v1\">\n<div class=\"moove-gdpr-modal-left-content\">\n<div class=\"moove-gdpr-company-logo-holder\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/attorneyatlawmagazine.com\/wp-content\/uploads\/2020\/09\/black%400.5x.png?resize=172%2C63&#038;ssl=1\" alt=\"\" width=\"172\" height=\"63\" class=\"img-responsive\" title=\"\"><\/div>\n<\/div>\n<div class=\"moove-gdpr-modal-right-content\">\n<div class=\"main-modal-content\">\n<div class=\"moove-gdpr-tab-content\">\n<div class=\"moove-gdpr-tab-main\">Privacy Overview<\/p>\n<div class=\"moove-gdpr-tab-main-content\">\n<p>This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful. Read our <a href=\"https:\/\/attorneyatlawmagazine.com\/privacy-policy\" rel=\"nofollow noopener\" target=\"_blank\">Privacy Policy<\/a>.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u201cThere is no correct answer to the questions, \u2018How much cybersecurity does my law firm need?\u2019 or \u2018How much should I spend on cybersecurity?\u2019 There is no one size fits all,\u201d said Peter Bolac, the new executive director of the North Carolina State Bar. The State Bar and Lawyers Mutual have developed a free Cybersecurity [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[17],"tags":[],"class_list":["post-99494","post","type-post","status-publish","format-standard","hentry","category-legal_matters"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts\/99494","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/comments?post=99494"}],"version-history":[{"count":0,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts\/99494\/revisions"}],"wp:attachment":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/media?parent=99494"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/categories?post=99494"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/tags?post=99494"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}