October is Cybersecurity Awareness Month and it’s no coincidence that Halloween shares the same month because both can be pretty scary. However, just like with Halloween’s haunted houses and dark cobwebby corners, shining a light on scary things makes them less frightening.
Let’s shine a light on some potentially terrifying topics to determine how to take the scare out of each by taking action.
- Outsmart Email Phishing Scams – Gone phishing lately? Well bad actors have, and they are hooking many unsuspecting users – even IT professionals – with their clever simulations of company emails, assumed identities and scare tactics. A phishing email will almost always seem a bit off, though – misspellings, different tone (more/less formal) than the sender typically uses or mentions of purchases or bank transactions you are not familiar with. Listen to that gut feeling that tells you something is off, and do not click on the bait. Instead, take a screenshot, make a phone call to your IT contact or call the company directly that supposedly sent you the message. Your gut feeling will frequently reveal that the email was a scam, and that it was wise to avoid clicking on it.
- Make Peace with Multi-Factor Authentication – What’s more annoying than having to verify your credentials every time you log in either via email or phone? Having hackers gain access to your private emails and documents, that’s what. While it may seem frightfully annoying to use multi-factor authentication, it’s one of the best defenses against much more scary and annoying repercussions that may ensue if you don’t.
- Pave the Road to Outsourcing Legal Work – Many law firms won’t even consider outsourcing legal work, no matter how repetitive and administrative in nature it is and regardless of how pressed they are for talent. Why? Because they are afraid of the variables outsourcing can represent for cybersecurity and other issues. The antidote to these fears is developing a plan for the outsourced work with data security controls which match – or exceeds – cybersecurity controls on work done by the firm’s own attorney and staff. Cloud-based applications and virtual desktops are particularly useful to use with outsourcing firms due to their flexible configuration and ability to be accessed over any internet connection by an authorized party. Data can be securely shared without actually crossing borders. Word to the wise – be cognizant that outsourcing does bring up the subject of different compliance regulations, but many firms are doing it successfully and compliantly.
- Tech and Tech Training Are Not the Enemy – Law firms and lawyers in particular are well-known for hating technology and reviling training, sometimes running from it like the plague. However, that “no-way” stance softened due to Covid which made law firm employees use tech platforms every day to conduct business. Tech training is not the enemy. A well-trained employee is a great asset to the company because he/she can efficiently complete work for the firm while not creating risk for the firm by opening it up to security risks.
As Cybersecurity Awareness Month comes to a close on Halloween night, hopefully it has given law firms a chance to face their fears and find solutions to its most vexing security concerns. From phishing to multi-factor authentication, outsourcing to tech use and training, there are many challenges on the horizon. However, by dealing with these issues head-on and not hiding from them, law firms can come to a more secure, illuminated place where they can be confident their cybersecurity plan is working well. Contact us to learn how to deal with cybersecurity concerns head on.