Shotwell Icon NEW: Find out your Business Risk Profile by taking the Embroker Risk Archetype Quiz today NEW: Find out your Business Risk Profile by taking the Embroker Risk Archetype Quiz NEW: Find out your Business Risk Profile with the Embroker Risk Archetype Quiz Risk Archetype Quiz is Live
Tom Lambotte September 2, 2022 5 min read

How to Drive Law Firm Cybersecurity

Man presenting laptop with digital design as an example how to recover from a cyber attack

Table of Contents

Looking for ways to drive law firm cybersecurity? The truth about cybersecurity is similar to the truth about car safety. No matter how good of a driver you are and how safe your car is, you’re at risk every time you hit the road. And no matter how strong your cybersecurity is, you will still be at risk of experiencing a data breach.

The problem when making these comparisons, however, is that you most likely practice safe driving already. For instance, you wear your seatbelt. Your car has airbags, anti-lock brakes, shatter-resistant glass. Even lights, mirrors, and bumpers are most certainly safety features. Safety features continue to evolve. Most new cars come with rear-view cameras, blind spot detection, lane departure warning, automatic emergency braking, and adaptive cruise control.

Every time you get in your car, you put your confidence in multiple layers of safety protections all around you. You know they won’t give you 100% protection if something happens, but you still count on them to protect you in the event of an accident or something else beyond your control.

The single best safety system is a layered system. As it is for your car, so it is with cybersecurity. If you want to reduce your chances of falling victim to a data breach and having to endure the extremely painful blowback of such an event, you should do everything you can to protect yourself, your business, and your clients.When it comes to cybersecurity, you’ve got the bare minimum you should always do to protect your firm and confidential data. 

What Are the Steps for Basic Law Firm Cybersecurity?

  • Secure, unique passwords
  • Full-disk encryption
  • Data backups

These are similar to lights, bumpers, and mirrors. They should be used regularly, and with the best practices in mind. However, a quick glance at recent cyber attacks statistics will tell you that while these are basic steps to ensuring cybersecurity, most people still don’t use unique, secure passwords. (We’re looking at you, Password1).

You might have a fully restored, beloved convertible that you dearly love. As it lacks most of today’s safety features, however, that will  not be the car you use to lug around the kids on errands and chauffeur to soccer games. That vehicle you do use to play caring parent?  That would be the one with all of the safety features mentioned above. Why? Precious cargo. The kids, the spouse, the pets, the family and friends you wouldn’t want to put in harm’s way.

When it comes to law firm cybersecurity, it is precious cargo as well—your source of income, livelihood, and the welfare of your clients and employees. It is also the source of data that, in the wrong hands, could endanger many. The vehicle you drive impacts not only who and what you care about, but also the lives of everyone else out on the road.

Two people in chat bubbles for lawyers talk to a broker call out

Talk Now

Do you have questions about legal malpractice insurance or any other policies your law firm might need? Don’t hesitate to reach out to an expert broker from our dedicated legal practice.

Talk To A Broker

And it would help if you were doing far more than the bare minimum when it comes to protecting your firm. Most solo and small law firms vastly underestimate the risk and damage caused by experiencing a data breach. 

According to the National Cyber Security Alliance, 43% of cyber-attacks target small businesses. And 60% of small companies go out of business within six months of a data breach, according to the US National Archives & Records Administration.

This is why it’s so important to have multiple layers of security. Layers upon layers of defense. The more you have, the better protected you’ll be. The problem is that the cybersecurity market is flooded with options. It can be challenging for a small business to determine what security layers they should be using.

What Layers of Law Firm Cybersecurity Should You Have?

A layered security system uses multiple levels or types of defenses to protect data and systems from being compromised. These will make up the bulk of your law firm cybersecurity. The key here is to have different layers independent of each other. That way, if one layer fails, the others can still provide protection.

The equivalent of the seatbelt (which was slow to be adopted but makes a massive impact) is multi-factor authentication, better known as 2FA. Turn it on for your email: work and personal. Then turn it on for other accounts with sensitive info or anything related to financials, such as credit cards or bill pay.

Another layer of law firm cybersecurity is a password manager. Anyone not using a password manager is currently posing a risk to their law firm. Without a password manager to create and store unique passwords, you likely are using 1-3 passwords for all your accounts. And yes, they are likely very similar to one another. As soon as one of the sites you used gets breached (entirely out of your control), all your other accounts will be at risk.

These are just two layers of law firm cybersecurity. Your firm requires more. The top cybersecurity solutions recommended for small law firms and businesses include more involved training and technology to ensure safety.

Law Firm Cybersecurity: Advanced Techniques

  • Law firm cybersecurity training
  • Phishing simulation
  • IT security policies
  • Dark Web monitoring
  • Team-based password manager
  • Automated patching and updates for your Mac/PC
  • Cloud-to-cloud Backup for 365 or G-Workspace
  • Automated Phishing Defense Platform

Your best bet to implement these law firm cybersecurity tactics within your firm is to find a provider that can take the complexity off your plate and configure and implement these services. 

Just like having all the latest safety features in your vehicle is a good investment and an intelligent move, investing in law firm cybersecurity, backed by cyber insurance and the right tech stack, is a smart business move. It’s better to have law firm cybersecurity and not need it than to need it and not have it.

This article was provided by Tom Lambotte, a cybersecurity expert who has been in the tech support industry for over a decade. Tom founded BobaGuard in 2019, which offers turnkey solutions to solo lawyers and small-to-medium law firms. In addition, Tom is also the CEO and Founder of GlobalMac IT, an established managed service provider specializing in serving lawyers nationwide who use Macs by implementing his Proven Process™. 

Related Articles

Plumbing License Requirements

Plumbing License Requirements

20 min read

This guide covers everything you need to know about plumbing license requirements and insurance for plumbers in each state.

Read More
Law Firms Are a Target for Cybercriminals

Law Firms Are a Target for Cybercriminals

5 min read

This article has been provided by Tom Lambotte, founder and CEO of BobaGuard, a partner of Embroker. Tom advises law firms on cybersecurity and helps protect them from cyber attacks, including cybercriminals. In this article, Tom explains that law firms, particularly small and solo, need to understand who and what cybercriminals target. – There’s a […]

Read More