By: Eric M. Shorr, President of Secure Future Tech Solutions
Let’s face it: the legal world is changing fast.
Artificial Intelligence used to feel like a buzzword. Today? It’s showing up in law offices across Rhode Island from solo practices to large firms. Whether it’s drafting memos, reviewing documents, or speeding up research, AI is helping attorneys save time and work smarter.
But here’s what most folks aren’t talking about: every tool you adopt adds a new door into your digital house. And not all of them are locked.
That’s where cybersecurity comes in.
Smaller Firms, Bigger Targets
You might think, “My firm’s not big enough to be a target.”
Unfortunately, that mindset is exactly why small and mid-sized firms are in the crosshairs. Cybercriminals see law firms as treasure troves of confidential data—medical records, financial details, corporate IP, and they know smaller firms often don’t have strong cybersecurity defenses in place.
And now, with AI in the mix, bad actors are getting smarter. They're using AI to send personalized phishing emails, mimic trusted senders, and launch attacks that are harder to spot. So, while you're using AI to speed up your workflow, Hackers are using it to sneak in the back door at lighting speed.
The Ethics of Digital Defense
Cybersecurity isn’t just a tech issue; it’s an ethical one. Under Rule 1.6(c) of the ABA Model Rules (which Rhode Island follows), lawyers must take “reasonable efforts” to protect client information. But what counts as “reasonable” in 2025?
Here’s a quick check-in:
- Are your email and remote logins protected with multi-factor authentication?
- Do you keep encrypted backups of your case files?
- Would your team know what to do if your systems were hit by ransomware?
- Are you conducting ongoing cybersecurity awareness training for your entire team?
If your answer to any of those is “I’m not sure,” it’s time for a check-up.
One Smart Step: Review Your Firm’s Cyber Readiness
I’m not talking about hiring a team of consultants or breaking the bank. Just take an hour this month to look at your setup through a legal lens. Ask:
- Are our files encrypted, both when stored and when shared?
- Do we train our staff to recognize phishing attempts?
- Do we have a response plan if a Cyberattack occurs?
- Do we have multi-factor authentication (MFA) configured for all systems?
Better yet, fold this into your annual risk review—just like you would with insurance policies or engagement letters.
Final Thought
Tech is transforming how we practice law. AI isn’t going away; it’s going to become a bigger part of how we serve clients. But with that power comes new responsibilities.
Trust is the backbone of the attorney-client relationship. And in today’s world, that includes how well you protect your clients’ digital information.
Take a step now. Lock the doors. Review your defenses. Because when it comes to cybersecurity, the cost of doing nothing is far greater than the cost of doing something small and smart.
Rest easy, counselor. You've got this.
