Tom Lambotte October 13, 2022 5 min read

How to Drive Law Firm Cybersecurity

Man presenting laptop with digital design as an example how to recover from a cyber attack

Looking for ways to drive law firm cybersecurity? The truth about cybersecurity is similar to the truth about car safety. No matter how good of a driver you are and how safe your car is, you’re at risk every time you hit the road. And no matter how strong your cybersecurity is, you will still be at risk of experiencing a data breach.

The problem when making these comparisons, however, is that you most likely practice safe driving already. For instance, you wear your seatbelt. Your car has airbags, anti-lock brakes, shatter-resistant glass. Even lights, mirrors, and bumpers are most certainly safety features. Safety features continue to evolve. Most new cars come with rear-view cameras, blind spot detection, lane departure warning, automatic emergency braking, and adaptive cruise control.

Every time you get in your car, you put your confidence in multiple layers of safety protections all around you. You know they won’t give you 100% protection if something happens, but you still count on them to protect you in the event of an accident or something else beyond your control.

The single best safety system is a layered system. As it is for your car, so it is with cybersecurity. If you want to reduce your chances of falling victim to a data breach and having to endure the extremely painful blowback of such an event, you should do everything you can to protect yourself, your business, and your clients.When it comes to cybersecurity, you’ve got the bare minimum you should always do to protect your firm and confidential data. 

What Are the Steps for Basic Law Firm Cybersecurity?

  • Secure, unique passwords
  • Full-disk encryption
  • Data backups

These are similar to lights, bumpers, and mirrors. They should be used regularly, and with the best practices in mind. However, a quick glance at recent cyber attacks statistics will tell you that while these are basic steps to ensuring cybersecurity, most people still don’t use unique, secure passwords. (We’re looking at you, Password1).

You might have a fully restored, beloved convertible that you dearly love. As it lacks most of today’s safety features, however, that will  not be the car you use to lug around the kids on errands and chauffeur to soccer games. That vehicle you do use to play caring parent?  That would be the one with all of the safety features mentioned above. Why? Precious cargo. The kids, the spouse, the pets, the family and friends you wouldn’t want to put in harm’s way.

When it comes to law firm cybersecurity, it is precious cargo as well—your source of income, livelihood, and the welfare of your clients and employees. It is also the source of data that, in the wrong hands, could endanger many. The vehicle you drive impacts not only who and what you care about, but also the lives of everyone else out on the road.

Two people in chat bubbles for lawyers talk to a broker call out

Talk Now

Do you have questions about legal malpractice insurance or any other policies your law firm might need? Don’t hesitate to reach out to an expert broker from our dedicated legal practice.

Talk to a Broker

And it would help if you were doing far more than the bare minimum when it comes to protecting your firm. Most solo and small law firms vastly underestimate the risk and damage caused by experiencing a data breach. 

According to the National Cyber Security Alliance, 43% of cyber-attacks target small businesses. And 60% of small companies go out of business within six months of a data breach, according to the US National Archives & Records Administration.

This is why it’s so important to have multiple layers of security. Layers upon layers of defense. The more you have, the better protected you’ll be. The problem is that the cybersecurity market is flooded with options. It can be challenging for a small business to determine what security layers they should be using.

What Layers of Law Firm Cybersecurity Should You Have?

A layered security system uses multiple levels or types of defenses to protect data and systems from being compromised. These will make up the bulk of your law firm cybersecurity. The key here is to have different layers independent of each other. That way, if one layer fails, the others can still provide protection.

The equivalent of the seatbelt (which was slow to be adopted but makes a massive impact) is multi-factor authentication, better known as 2FA. Turn it on for your email: work and personal. Then turn it on for other accounts with sensitive info or anything related to financials, such as credit cards or bill pay.

Another layer of law firm cybersecurity is a password manager. Anyone not using a password manager is currently posing a risk to their law firm. Without a password manager to create and store unique passwords, you likely are using 1-3 passwords for all your accounts. And yes, they are likely very similar to one another. As soon as one of the sites you used gets breached (entirely out of your control), all your other accounts will be at risk.

These are just two layers of law firm cybersecurity. Your firm requires more. The top cybersecurity solutions recommended for small law firms and businesses include more involved training and technology to ensure safety.

Law Firm Cybersecurity: Advanced Techniques

  • Law firm cybersecurity training
  • Phishing simulation
  • IT security policies
  • Dark Web monitoring
  • Team-based password manager
  • Automated patching and updates for your Mac/PC
  • Cloud-to-cloud Backup for 365 or G-Workspace
  • Automated Phishing Defense Platform

Your best bet to implement these law firm cybersecurity tactics within your firm is to find a provider that can take the complexity off your plate and configure and implement these services. 

Just like having all the latest safety features in your vehicle is a good investment and an intelligent move, investing in law firm cybersecurity, backed by cyber insurance and the right tech stack, is a smart business move. It’s better to have law firm cybersecurity and not need it than to need it and not have it.

This article was provided by Tom Lambotte, a cybersecurity expert who has been in the tech support industry for over a decade. Tom founded BobaGuard in 2019, which offers turnkey solutions to solo lawyers and small-to-medium law firms. In addition, Tom is also the CEO and Founder of GlobalMac IT, an established managed service provider specializing in serving lawyers nationwide who use Macs by implementing his Proven Process™. 

Related Articles

Embroker 2023 Risk Index Report: Plans for Survival Post-SVB?

Embroker 2023 Risk Index Report: Plans for Survival Post-SVB?

3 min read

The startup environment feels like it’s shifting more rapidly than ever. And it’s no wonder: founders are facing unprecedented event after unprecedented event in 2023. This has continued for over three years and shows no signs of slowing down. For founders, this “new normal” is beginning to feel all too familiar. At Embroker, we wanted […]

Read More
From Vulnerable to Secure: How Law Firms Can Find the Right Cybersecurity Solutions Provider

From Vulnerable to Secure: How Law Firms Can Find the Right Cybersecurity Solutions Provider

3 min read

Cyber threats are evolving rapidly and increasing in frequency. It is critical for law firms to protect themselves and their clients’ sensitive information from potential cyber-attacks. According to CISA, 47% of American adults have had their personal information exposed by cybercriminals. This means that every law firm owner, managing partner, and firm administrator needs to […]

Read More