Law firms need to be particularly vigilant about guarding against cybersecurity. Not only do they handle a variety of non-public personal and financial information about their clients, but the Consumer Financial Protection Bureau has begun requiring firms that specialize in several types of law to follow more stringent cyber security protocols and procedures that other types of businesses and law firms. Fail to comply with these requirements and your firm could face a fine, or worse, be held liable in the event of a data breach. Currently, these requirements apply to real estate lawyers, but they may soon also include those who practice family law. Law firm data security is more critical than ever.
What does the threat to the average small or medium-sized law firm look like as we begin 2019? Consider the following statistics:
1. According to a study by “Small Business Trends,” 43 percent of cyber attacks are aimed at small businesses like law firms.
2. It takes most companies at least six months to catch a data breach. Imagine the damage to your firm’s reputation and your clients’ finances that can be done by that time.
3. Windows-driven devices are the most commonly hacked with Android devices running second. However, that doesn’t mean that Macintosh and Apple users can relax their cybersecurity.
4. The average cost of a cybercrime data breach is $301 per employee.
5. More than 4,000 ransomware attacks occur every day, according to the FBI.
6. More than three-quarters of all businesses reported being a victim of a phishing attack within the last year.
7. The United States is, by far, the most significant target of cyber crime, with more than 38 percent of victim companies, according to a study by Norton. They also estimate that the U.S. will account of half of all crime by 2023.
Despite these alarming statistics, law firms tend to lag behind other professions and industries in combating the threat of cybercrime. The American Bar Association (ABA) ranked the average small law firm’s cyber security procedures and protocols at a 3.5 out of 10. The reasons are many. Law firms have been more reluctant to embrace new technology than other types of businesses. Also, many small and medium-sized law firms lack an IT department or even a designated IT person. However, no matter how small your operation, you ignore cyber security at your peril.
Fortunately, there are some easy and affordable things you can do to beef up your firm’s cyber defenses.
1. Segregate the firm’s most sensitive information. Restricting access to your firm’s most sensitive digital information is the first step in a good cybercrime prevention plan. This is the digital equivalent to locking documents in a safe an only giving a chosen few key employees the combination. You’ll want to use the most vigorous security protocol for this data, such as changing passwords frequently and only giving top employees access.
2. Install and update anti-virus and anti-malware software programs. Such programs, regularly updated are the first line of defense against cybercrime, and can be surprisingly effective.
3. Invest in employee training. Many cyber threats, such as phishing scams, can be neutralized if your employees know what such scams look it. Also, drilling employees on good basic computer and email practices, such as never opening an emailed attachment, and holding employees accountable for their actions can significantly minimize your firm’s level of exposure to cybercrime.
4. Enlist help. An IT managed service provider can help you protect your firm’s sensitive data without your having to house, maintain and staff an IT department. This type of company can offer a myriad of IT services, including cybersecurity, for one affordable monthly fee. At Parkway Tech, we take the time to get to know your firm and your business model before we custom design an IT package just for your firm. Many firms put their security and computer expectations in writing by producing and distributing a one or two-page list of what computer activity is allowed and what is prohibited.
The ABA estimates that merely concentrating on these four areas regarding cybersecurity can reduce the typical small law firm’s cyber security risk by 85 to 90 percent. Now that’s good news on which to start the new year.
Located in Winston-Salem, Parkway Tech specializes in helping small and medium-size law firms with their IT needs. We have been offering legal IT services, including cybersecurity, since 2008, and we pride ourselves on our friendly, responsive customer service. We’re so confident that you’ll be impressed with our service that we offer a 90-day guarantee on all of our managed service packages. If you’re not thrilled by what we offer, you don’t pay. It’s as simple as that. Not many other IT specialists make that offer.
Parkway Tech offers technology management, help desk services, and strategic IT consulting to law firms and legal practices across North Carolina.
We offer a completely customized technology support services for large and small law firms, law offices and law practices.