Email holds the keys to the kingdom. All your password resets go through email, and abandoning an old domain name makes it easy for attackers to re-register the old domain and get your stuff.

[ Keep up with 8 hot cyber security trends (and 4 going cold). Give your career a boost with top security certifications: Who they're for, what they cost, and which you need. | Sign up for CSO newsletters. ]

The problem is especially grave for law firms where partnerships form, dissolve, and merge often, security researcher Gabor Szathmari points out. A merger or acquisition typically involves either new branding for the new firm, with a new domain name to match, or the acquired firm dropping their old branding and domain name. Letting those old domains expire is dangerous.

To read this article in full, please click here