With the FBI and CISA warning of increased Russian hacking threats targeting US businesses, the White House outlined 8 cybersecurity steps to take, with multi-factor authentication at the top — all of which are critical to law firms of all sizes.
Legal cybersecurity expert Sharon Nelson points out in her recent post on their Ride the Lightning blog that the suggested security steps are important for law firms regardless of how active Russian hacking threats really are. (Don’t forget: Small and midsized law firms have recently been slammed by ransomware.) The top recommendation is for businesses to deploy multi-factor authentication (MFA), which we’ve encouraged lawyers to use in this guest post on our blog last year from Sharon Nelson and Sensei VP John Simek. The remainder of the cybersecurity steps outlined by the White House:
(1) Deploy modern security tools on your computers and devices to continuously look for and mitigate threats
(2) Make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors
(3) Back up your data and ensure you have offline backups beyond the reach of malicious actors
(5) Encrypt your data so it cannot be used if it is stolen
(6) Educate your employees to common tactics that attackers will use over email or through websites
(7) Work with FBI and CISA to establish relationships in advance of any cyber incidents.”
Free & Confidential Consultations:
Lawyers, law students, and judges in Massachusetts can discuss concerns with a law practice advisor, licensed therapist, or both. Find more on scheduling here.