Law firms are common targets of cyberattacks due to the sensitive information they obtain and store and their slow adoption of cybersecurity policies. In a CARET Legal-sponsored ALA webcast on February 17th, Thomas (TJ) Schoessow, VP of Technology Infrastructure at AbacusNext, and Alan Rappley, Senior Cyber Security Engineer at AbacusNext, discussed the basics of a SOC 2 audit and why firms are seeking vendors with SOC 2 attestation to keep their data secure.
The webcast explored what it means to be SOC 2 compliant and highlighted a cybersecurity checklist for firms to reference when vetting technology vendors they may want to work with.
Some of the topics discussed include:
- What is SOC 2?
- The basics of a SOC 2 audit
- SOC 2 Type 1 versus Type 2
- The five trust service categories
- The benefits of working with SOC 2 compliant vendors