In mid-2019, we held our first online security summit bringing together legal, cybersecurity and IT professionals to discuss law firms' responsibility to manage cybersecurity, including risk management, potential future threats and steps firms should take to ensure the security of their firms' and clients' data. Our third most popular blog post from 2019 was the invitation to the summit. 

Topics: Technology Consulting, IT Tips, cybersecurity, phishing, Business Continuity

Our fourth most popular blog of 2019 falls outside the strict theme of "business continuity" as it was a recount of a personal phishing attack I experienced (and have experienced again since). Nonetheless, it is just these personal attacks that lead to cybersecurity breaches of larger organizations. In fact, cybercriminals are often able to reuse the credentials they discover in successful cyberattacks against individuals' personal data to access corporate and other accounts. 

Topics: Technology Consulting, IT Tips, cybersecurity, phishing, Business Continuity

Gone are the days of naively assuming our confidential data is secure. Increasingly, clients, stakeholders, regulators and others are demanding proof that firms are actively protecting the personally identifiable information to which they have access, and this evidence is being demanded both before and after security incidents. It is imperative law firms have the positions and processes in place to handle security incidents with urgency, accuracy and completeness.

 

Topics: cybersecurity, Articles, Client Audits, Privacy

Prepare your technology for a safe and productive 2020 by:

Topics: Technology Consulting, IT Tips, cybersecurity, Passwords, HackNotice

The California Department of Justice announced today it will hold four public hearings to provide all interested persons the opportunity to present statements or comments on the proposed regulations for the California Consumer Privacy Act of 2018 (CCPA).

Topics: cybersecurity, CCPA, Privacy, Regulation

Topics: cybersecurity, Federal Trade Commission, CCPA

In January 2020, law firms and their clients doing business with Californians will need to ensure they are complying with the state's new consumer privacy protection law. While enforcement does not begin until mid-year, firms should determine whether they or their clients are regulated under the new law, identify any necessary compliance measures they are lacking and begin their implementation now.

 

Last week, we looked at the businesses covered by the CCPA. Now, let's look at what they need to do to prepare for compliance.

Topics: cybersecurity, CCPA

In January 2020, law firms and their clients doing business with Californians will need to ensure they are complying with the state's new consumer privacy protection law. While enforcement does not begin until mid-year, firms should determine whether they or their clients are regulated under the new law, identify any necessary compliance measures they are lacking and begin their implementation now.

Topics: cybersecurity, CCPA

Last week, California Attorney General Xavier Becerra released to the public  proposed regulations under the California Consumer Privacy Act (CCPA).

Topics: Technology Consulting, cybersecurity, CCPA

Shortly after I signed off of work last night, I checked my smartphone for the first time in an hour or so and discovered I'd missed a call. The waiting voicemail claimed to be from Amazon customer service warning me my account had been compromised by the unauthorized purchase of a refurbished $650 iPhone 6. The purchase had been stopped, the caller said, but my Amazon account would be closed if I did not call them back at 1-866-850-3558. 

Topics: cybersecurity, phishing, Cybercrime

Two-factor authentication is like a fence. It works really well when it’s used correctly.

Topics: Alerts, cybersecurity, Two Factor Authentication, 2FA

The monstrous cost of cybersecurity failure is demonstrated in headlines daily:

Topics: cybersecurity, Cybercrime, End of Life

It happens so innocently: an employee logs into email, sees a message that his password needs to be updated in Outlook and clicks on the link provided. But the email wasn’t generated by Microsoft, it was sent from a cybercriminal who had an email address that looked legitimate. Suddenly, an attack has been launched on your employee and your firm.

The time is now to better understand your firm’s weaknesses. What systems are vulnerable? How can you best secure the environment? How can you best secure data stored in the cloud? How can you best secure on-premises infrastructure? How do you secure your firm’s general computing environment?

Our article “The Top 6 Penetration Testing Fails” will help you answer these extremely tough questions.

We'd love to share advice on enhancing your firm's cybersecurity. Call us at 1-800-541-0450 or email us at sales@innovativecomp.com to get started. 

 

Topics: cybersecurity, Cybercrime, Articles, Information Security, Penetration Testing

Everyone needs to know what to do in the event of a successful cyberattack.

Topics: Security, Training, Technology Consulting, cybersecurity, Ransomware, FBI Internet Crime Complaint Center, US-CERT, IC3, Secret Service, PII, Federal Trade Commission, Cybercrime, Publications, Articles, Information Security

Topics: cybersecurity, End of Support, Microsoft, End of Life, Server 2008