Since the ABA adopted an amendment to the comment of Model Rule 1.1 (on competence) to explain that being competent requires lawyers to understand "the benefits and risks associated with relevant technology" there has been a lot of discussion on how lawyers can meet the requirement. I posted a couple of podcasts on the subject (here and here). Also, as everyone probably knows, another rule specifically requires lawyers to use reasonable care in protecting the confidentiality of client data.
Given these rules, you would assume that lawyers who do not understand the technology they are currently using to transfer client information can be found to be incompetent.
Yet a recent according to the 2015 edition of the annual Legal Technology Survey Report, 71% of lawyers rely only on a
confidentiality statement in the body of messages as the security precautions they use when
sending confidential or privileged communications to clients via email.
Now think about this. Is placing a "confidentiality statement" at the end of a message using reasonable care to protect the confidentiality of the information. By the time the reader gets to the statement, the information has already been disclosed! As someone else has already pointed out, this is akin to putting a note inside a box that says, “Do not open this box.”
Law Sites and Lawyerist have comments on this here and here. Getting right to the point, Lawyerist states: "If you think a confidentiality statement in your email counts as a
precaution when you are sending confidential information, you are
incompetent. We can argue about whether precautions are necessary in the
first place, but there is no argument to be made that words constitute a
precaution. Disclaimers (including confidentiality statements) are pointless." Go here for more and links. Likewise, Professional Liability Matters concludes "you are not cyber ready."