Dispel Cybersecurity Myths at the Law Firm - Technologist
Technologist - The FindLaw Legal Technology Blog

Dispel Cybersecurity Myths at the Law Firm

In Greek mythology, Phobos was the bloody god of fear in war. Worshipers built him a temple of skulls. His name brought panic and flight.

Thousands of years later, Phobos spawned the word "phobias." It means an irrational fear of something or someone. Today, fears of being hacked and encountering cyber-terrorism have created their own myths.

The cybersecurity threats are real, but not all fears were created equal. Here are a few myths:

1. Cyber Attacks Only Target Big Business

It's true that big companies like Yahoo and LinkedIn have been hacked. But it's also a myth to believe that only big companies are targeted. Law firms, both large and small, have been attacked.

In fact, most hackers do not target businesses per se. They attack vulnerable systems, wherever they may be. Those vulnerabilities often exists in computer systems used by individuals and small businesses.

Translated in the legal world, that means solos and small firms are vulnerable. If you are using an off-the-shelf computer with generic protections, such as pre-installed firewalls, you and your firm are at risk. That's why somebody or something in the firm needs to be on guard to update systems and software.

2. Good Firewalls Will Protect Us

The problem here is that not all security breaches come from the outside. Remember the Greek story of the Trojan Horse? Well, it wasn't just a wooden horse filled with soldiers that got into Troy so many years ago.

Modernly, a Trojan horse is malicious software that gets into computers when somebody innocently lets it in. The program opens a "backdoor" to the computer system and allows a remote user to take over.

While firewalls and virus protections may catch hackers coming in through email, they don't prevent anyone from walking into the office with an infectious program. In an age when everybody carries a computer in their pocket, you don't know where that mobile device has been.

3. Technical Support Can Fix It

It is a good idea to work with technical experts because they know more about technology than lawyers know. The myth is that good tech is good enough.

In addition to protecting the systems, the real need is to protection information. Cybersecurity should include a good document management program with multiple levels of security to control who can access, read, delete, or edit the document, both internally and externally.

Finally, perhaps the real myth is that cybersecurity threats live in a virtual world. In fact, people need to be secure as well. You shouldn't take secure client information out into their world -- on cell phones, laptops, and other mobile devices -- without reasonable protection.

Related Resources: