Attention March 13th, 2024 Webinar Attendees, please click here to complete our Survey or Attendance Verification and Credit Request Form. (required for CLE credit)

How to Boost Cyber Awareness in Your Firm

Last update

at

by:

by:

Share

Print Friendly, PDF & Email
One in three law firms will be targeted for an attack.

Approximately one in three law firms will be targeted for a cyber attack this year, an increase of 25 percent in the past five years.

And your greatest vulnerability is not a software defect or network failure – it’s the people working in your office.

“You might have an incredibly talented, diverse group of professionals at your organization,” says this 2019 cyber threat report from Mimecast. “But cybersecurity’s dirty little secret is that no matter how skilled your employees are, they still usually represent your biggest risk. Research shows that human error ranks even higher for cyber risk than software flaws and vulnerabilities. So high, in fact, that it’s a contributing factor in more than 90 percent of breaches.”

Reducing the human risk factor starts with awareness and education. Everyone in your office – starting with the top leaders – must make cybersecurity a priority. The consequences of doing nothing could be catastrophic.

Protect your practice by attending our free CLE webinar on August 14 on “Top 10 Things to Prevent a Data Breach.” It’s just one benefit of membership in Alta Pro Lawyers RPG. Learn how to join here.

Awareness is the Starting Point
Increasingly, law firms are providing cybersecurity training to their employees. One in four offers training at least once a month – an increase of 11 percent since last year.

Simulated attacks and penetration tests are effective ways to identify vulnerabilities. If you’ve conducted a real-life test in your office, you know that the results can be eye-opening.

“Mimecast recently conducted a phishing simulation with a 6,500 employee software company that does not provide awareness training,” says this cloud-based email security source. “The results showed that more than 500 employees clicked on a phishing email link in under a second. Thankfully, there’s a flipside to this: when properly trained, alert and aware, your people can serve as an integral part of your security program and your first line of defense.”

Another key to prevention: understanding what is at stake. Of organizations (not just law firms) that experienced an email-based impersonation attack in the last 12 months, 39 percent lost data, 29 percent lost financial information, and 28 percent lost customers. This doesn’t account for reputational damage and loss of client trust.

In the wake of a significant attack, some firms have even had to close their doors.

6 Tips for Effective Cybersecurity Training
“The most widely used method (62 percent) of awareness training happens in a group session,” says Mimecast. “Following group training sessions, other popular methods include interactive videos highlighting best/worst security practices (45 percent), formal online testing (44 percent), reference lists of tips (44 percent) and one-on-one training sessions (44 percent).”

Here are 6 tips for cyber training in your firm:

  1. Make it a process, not an event. Training should be consistent, ongoing and constantly updated to keep up with evolving threats. Mimecast recommends supplementing your training with phishing simulations. Develop a system to identify higher-risk employees and give them additional or enhanced training.
  2. Make it engaging. The more lively the training, the more likely its lessons will sink in. Make it fun. Give prizes for correct answers.
  3. Make it relevant. Use scenarios that actually arise in the office. Discuss recurring problems and risky situations.
  4. Make it mandatory. Your office is only as strong as its weakest link.
  5. Make it happen at least quarterly. Any less than that and interest wanes, retention dips, and effectiveness falls flat.
  6. Make it meaningful. Bring in an outside company to do the job.

How do you approach cybersecurity awareness in your firm?

Alta Pro Lawyers RPG can help with your cybersecurity training. Our Pro Practice Playbook is full of tips and pointers. Our free webinars – like the August 14 program “Top 10 Things to Prevent a Data Breach” – keep you up to date. And for extra security, we offer comprehensive cyber-liability insurance protection. Find out more here.

Share

Print Friendly, PDF & Email

Related Posts on Altaprorpg.com!

Alta Pro Logo Icon

About the Editorial Staff

In an age of consolidation where increasingly impersonal transactions have made customer service an oxymoron, we bring together independent agents, insurance companies, and other industry specific service providers to develop and deliver insurance products and risk management solutions that benefit our insurance customers.

June 12, 2024 1:00 pm EST
1.0 Ethics Credit
September 18, 2024 1:00 pm EST
1.0 Regular Credit
December 11, 2024 1:00 pm EST
1.0 Ethics Credit

Join Our Newsletter

Occasional newsletters and CLE invites

Find Us on Social

Upcoming CLE Webinar: Cybersecurity Ethics : Start with the Basics

June 12, 2024 1:00 pm EST
CLE Credit: 1.0 Ethics

David G. Ries

Clark Hill

Archives

Need Help?

Visit our Frequently Asked Questions page. 

Or email us directly at info@altaprorpg.com

Or submit your issue in the comment form below and we will respond as soon as possible.