Published Articles
If every new software renewal quietly adds “just a little” AI, your firm may be committing to a cost curve that outpaces your revenue
Over the last two years, the sticker price of many AI options has dropped, which can make usage feel inexpensive or even free inside familiar products. At the same time, vendors are shifting to fine‑grained, usage‑based billing and premium pricing for AI‑enabled features in traditional software. As firms embed AI everywhere—from email to document management systems to research platforms—the number of AI‑driven actions and the volume of data pushed through those engines can climb quickly, which is what ultimately drives the bill.
Beyond Firewalls: How Documented Oversight Protects Law Firm Leaders from Cyber Risk
In a cyber incident, the question law firm leaders most dread isn’t ‘What happened?," it’s ‘Where is your documented oversight?’
That’s why clear security policies and standard operating procedures (SOPs) matter so much. They spell out who is authorized to make decisions, who approves access to client data, and how issues get escalated before they become incidents. Without that, even well‑intended IT efforts can look like unmanaged risk.
Got WISP? - Understand your organization's obligations under the FTC Safeguards Rule
Since the FTC updated its Safeguards Rule in 2023, many small professional services firms must now maintain a Written Information Security Plan (WISP). This requirement is directly connected to how they prepare and file client tax returns. For firms that handle taxpayer or other sensitive financial information, a documented WISP is no longer optional “good practice” – it is a regulatory expectation tied to both FTC and IRS obligations.
Small Firm, Big Target: How Law-Firm Security Expertise Protects Your Practice
Smaller law firms don’t have “small” risk.They hold the same confidential client, deal, and litigation data as BigLaw—often with fewer resources and thinner margins to absorb a serious cyber incident.
That’s where working with a security consultant who has actually led technology and security inside law firms makes a difference.
Turning Client Security Requirements into a Leadership Advantage for Small Law Firms
Clients in regulated industries (financial services, healthcare, etc.) expect their law firms to manage data security with the same discipline they apply internally. For small firms, that expectation can feel daunting—but it is also a major opportunity for differentiated, visible cybersecurity leadership.asklib.hks.harvard
When Encryption Meets a Wrench: Protecting Yourself from Physical Crypto Theft
In May 2025, a Minnesota couple and their teenage son were held hostage in their own home by criminals demanding access to their cryptocurrency wallets. The attackers reportedly forced the victims to transfer their digital assets at gunpoint — a harrowing example of a growing threat known as the “wrench attack.”