Wouldn't it be nice if security threats remained the same? We would only have to implement a single type of protection for each risk -- and that's that. No need for a deadbolt because the regular doorknob lock works. Car alarms were never invented because door locks worked fine. Cybercriminals couldn't shut down your network or ransom your files because you had anti-virus software installed.
Unfortunately, that is fantasyland. However, sometimes we treat our networks and endpoints as if they operate in that idealized world.
The following scenario has likely played out when law firms try to lock down their network and protect client data. Careful research is completed and the appropriate software purchased, installed and activated. All concerned feel they have performed their due diligence to protect the law firm’s systems.
Mere months later, the law firm’s information will be breached. After careful investigation, it is discovered that a vendor improperly disposed of an old lease computer. Additional investigation reveals several logs indicating breaches with login attempts. Why did this breach happen? The firm did their due diligence and selected the right solution and yet, they were still compromised. The firm fell into the trap of setting the solution and forgetting it. In the meantime, threats continued evolving and one found a vulnerability bypassing the security implemented.
It's critical to re-evaluate your law firm’s cybersecurity on a fairly routine basis. Reviewing logs and, even better, setting up a monitoring solution to alert IT when certain events are detected should be considered.
As threats evolve, so do law firms’ defense solutions – but those solutions must be regularly updated, patched, revisited, and new features activated and documentation updated.
To truly lock down your law firm’s network and endpoints, layered security -- that is, defense-in-depth -- is needed. Just as you back up your car's door locks with an alarm and your front door with a deadbolt, your law firm's cybersecurity depends on attention, upgrades and redundancy.
So, don't just "set it and forget it."
Download our recent white paper for more advice on countering the "Top 5 Cybersecurity Threats Facing Law Firms."
This is the second post in a five-post series on hardening your law firm against cybersecurity threats. The first post, on Hashcat and password security, can be found here. Part three will be published next Tuesday.