Many of us spend this time of year frantically searching for the perfect gift for our loved ones. If you were looking for the perfect gift for a hacker, you would have to look no further than your nearest Law firm. Sure, a doctor’s office would be great, too – they can yield lots of confidential personal information that would be ideal for identity theft or blackmail, if that’s your thing. But Law Firms? They’re the PERFECT gift for hackers. They have all the personally identifiable information of a doctor’s office but they also come with all sorts of goodies like confidential client personal AND business information, collection data, legal tactics and strategies, contract negotiations, financial records and data, and everything in between. For hackers, law firms are the proverbial Pony under the tree.
Because they are such a low hanging, juicy fruit, Law Firms are threatened by every faction of cyber criminals – from the lone wolf to foreign governments. Foreign governments? You bet and they happen all the time. You never hear about them because law firms aren’t nearly as headline friendly or click worthy as, say, Apple, Target, or Yahoo. Nevertheless, countries like China, Russia, and Iran have teams of hackers carrying out cyber-attacks on US businesses on a daily basis. Next up, we have the lone wolf hackers trying to make a buck either by stealing your client’s information or by installing ransomeware on your system, or both. Finally we have your rivals. If you’re involved in a high profile case you have to consider that hacking into your records whether to gain an edge or to just plain destroy your firm won’t always be beneath a desperate opponent.
We live in a different world than the one we grew up in. Back then, if you wanted to steal information from a law firm you had to physically break in and risk getting caught. The shame of getting caught is what deterred the ones who weren’t already deterred by their own ethics. Now it’s an anonymous crime with very little chance of getting caught – of being held accountable. Often the worst thing that happens to a hacker is that what they find isn’t as profitable as they hoped and they wasted their time. This High-Yeild/Low Risk scenario attracts far more individuals than would ever consider physically breaking into an office.
What can you do about it? You must act to protect your firm on two fronts – prevention and protection.
PREVENTION – Find and vet an IT Firm that either handles Law Firms exclusively or has extensive experience with Law Firms. They will know the latest tech being used against you and how to counter it. They will know how to connect your office securely all while keeping you in compliance with HIPAA regulations. Most of the time they will prevent a hacker from getting that pony.
PROTECTION – But all it takes is once. Find an Insurance Broker, like The Kerr Agency, who handles Professional Lines exclusively. We know Malpractice and Cyber Liability Insurance inside and out and will get you an insurance policy that will actually protect you
Written by: Dan Scaggs