Chat with us, powered by LiveChat
678-389-6200

Is your law firm as secure as it could be?

Research shows that most law firms are confident about their cybersecurity – but are they really as safe as they believe?

Cybersecurity and Your Law Firm

The legal sector is facing truly challenging opponents outside of the courtroom – cyber criminals.

The stakes have never been higher

These rising threats are why cybersecurity is becoming a more common topic of discussion in the legal industry. And while surveys have shown that 80% of legal organizations consider their cybersecurity to be sufficient, that may not be the case.

Why Are Law Firms Targets For Cybercriminals?

The short answer is that law firms store lots of private data about their clients. “Law firms present a tempting target for cybercrime,” says Jason Rorie, CEO of MSP Overwatch. “Their servers hold incredibly valuable personal information.”

“Cybercriminals tend to focus on targets that are rich in personal or financial data,” adds Rorie. “They gain access to the data through ransomware or a breach, then sell it on the Dark Web to other criminals who use it in a number of ways.”

Stolen private data is used for everything from voter fraud to opening credit accounts. This activity often happens months after the initial theft of the data.

How Are Legal Firms Addressing Cybersecurity?

Recently, a third of in-house counsel respondents in “The State off Cybersecurity Report: an in-house perspective” reported that they had experienced a data breach. Cybercrime is only expected to grow from here, with the occurrence rate of data breaches estimated to increase by 22.5% each year up to 2023. According to a recent study by the American Bar Association (ABA):

  • 75% of firms are using some anti-virus software.
  • 58% of responding firms are using a firewall or anti-phishing software.
  • 33% of firms are using email encryption software.
  • 25% are using device encryption software.
  • 17% of law firms have some directory security in place
  • 25% of firms train their staff on cybersecurity best practices

At mPowered IT, we have the experience and solutions needed to keep you safe through this year’s challenges and beyond. To learn more reach out to us at 678-389-6200 or schedule a free zero obligation consultation here.

20 Personal Cybersecurity Tips

Social media can do wonders for you as an individual, as well as if you are running your own online business. It can help you build a loyal following, spread word and awareness about your brand, and reach out to other like-minded people, as well as customers. And the best about it is that it’s incredibly easy to do, since everyone you are looking for is already there.

However, because the power of social media is so easy to utilize, most people let their guard down when it comes to cybersecurity, which can come back to haunt them at some point in the future, in a number of different ways. In order to avoid that, let’s take a look at 20 ways in which you can prevent a cybersecurity issue on social media sites.

Cybersecurity Tip #1 – If You’re Online, You’re At Risk – If you have money (doesn’t matter how much), data (usernames, passwords, documents, emails, etc.) or a place to work, you’re going to be targeted.

Cybersecurity Tip #2 – Shop Online Safely

  • Always use trusted (private) networks
  • Use strong passwords
  • Don’t shop on shady websites
  • Never save credit card to an account
  • Verify your transactions weekly to look out for suspicious activity

Cybersecurity Tip #3 – When In Doubt, Don’t Plug It In – Never use a USB flash drive from an unknown source. External media can be infected with malware.

Cybersecurity Tip #4 – If There’s 2FA, Use It – Use two-factor authentication everywhere you can. it’s one of the simplest and most effective security layers you can employ.

Cybersecurity Tip #5 – Lock Up Your Device – Never leave your laptop, smartphone, or tablet unlocked.

Cybersecurity Tip #6 – Trace Your Steps

  • Make a list of your online accounts
  • Set strong passwords for all of them
  • Delete the accounts you haven’t used in the past 6 months

Cybersecurity Tip #7 – Keep Everything Updated – Always keep your operating system and applications up to date. Updated often patch security vulnerabilities.

Cybersecurity Tip #8 – Don’t Overshare On Social

  • Remember that nothing posted in public forum is ever truly private
  • Think about what is being posted and who can take advantage of these posts

Cybersecurity Tip #9 – Keep It Clean – Never install software or apps from shady sites. Stick to trusted sources and approved app stores.

Cybersecurity Tip #10 – Avoid Bad Neighbors – Torrent sites? Adult sites? Yeah. They’re often loaded with malware.

Cybersecurity Tip #11 – Check Before You Click – Never click links in an email until you’ve verified their legitimacy.

Cybersecurity Tip #12 – Watch For Red Flags – A few common ways to scam people through email or SMS:

  • Free Offers
  • Creating Urgency
  • Shocking “News”

Cybersecurity Tip #13 – Don’t Wait Until It Happens – A lot of people wait until they become a victim of cyberattack before taking the risk seriously. Don’t be one of them.

Cybersecurity Tip #14 – Trust No One – Cliché? A little, but it’s really good advice when you’re talking about the internet.

Cybersecurity Tip #15 – Cover Your Webcam – Any camera that’s connected to the internet can be hacked, and yes, it’s actually -really- easy to do.

Cybersecurity Tip #16 – Stop Checking In On Your Phone – Real-time check-ins give anyone who’s online detailed information about your location, habits, and vulnerabilities.

Cybersecurity Tip #17 – Remove Geotags From Your Images And Posts – Even if you don’t think you need hide your location from anyone now, that might not always be the case. Someone with malicious intent could easily track you or find your home address by looking through your public images.

Cybersecurity Tip #18 – Paid Antivirus Is Worth It – Get protection for your connection. Free antiviruses work, but paid solutions are well worth the investment. (Don’t forget to add antivirus to your mobile devices, too!)

Cybersecurity Tip #19 – Look For The “S”… – …In “https://”, that is. This denotes a secured website, and you should only input important data into secured websites.

Cybersecurity Tip #20 – Use Multiple Email Accounts – It’s wise to have a “throwaway” account for social media that’s separate from the email you use for things like banking. This limits the potential access that hackers will gain with a single breach.

At mPowered IT, we have the experience and solutions needed to keep you safe through this year’s challenges and beyond. To learn more reach out to us at 678-389-6200 or schedule a free zero obligation consultation here.

20 Cybersecurity Tips for Small Businesses

Protecting your small business against cyber crime should be your top priority. If you don’t have proactive security measures in place to protect your IT network, it’s only a matter of time before it will be attacked. Below are 20 cybersecurity tips for small businesses. Continue reading to ensure your business has the protection it needs to avoid a devastating data breach.

Security Tip #1 – Use Strong Passwords – The most commonly used method for hacking accounts is password spraying, which only works when passwords are weak.

Security Tip #2 – Don’t Feed The Fish – 64% of businesses experienced phishing and social engineering attacks in 2019.

Security Tip #3 – Train For Awareness – 32% of breaches involve phishing – phishing awareness and education are some of the best ways to decrease risk.

Security Tip #4 – Scan The Dark Web – 64% of Americans have never checked to see if they were affected by a data breach.

Security Tip #5 – Be Wary Of Mobile Apps – In 2018, an average of 10,573 malicious mobile apps were blocked per day.

Security Tip #6 – Use Two-Factor Authentication – 2FA can stop the vast majority of current account hacking attempts.

Security Tip #7 – Focus On Cyber Hygiene – Most cybersecurity issues can be addressed by correcting the fundamentals.

Security Tip #8 – Think Before Clicking– Any email or SMS link could be hiding malicious code.

Security Tip #9 – Create A Training Plan – Staff cybersecurity training should begin at onboarding.

Security Tip #10 – Bring In Experts – IT security professionals bring the tools and expertise needed to lock down your business.

Security Tip #11 – Recognize And Reward – Acknowledge employees who report phishing emails or other attacks.

Security Tip #12 – No Business Is Too Small – Breaches affect organizations of all sizes.

Security Tip #13 – Encrypt Your Data – This adds an extra layer of security should your data ever be compromised.

Security Tip #14 – Test Your Backups – Make sure you can rely on your recovery solution.

Security Tip #15 – Verify Financial Transactions – Check with the CFO or manager before sending funds or changing payment arrangements.

Security Tip #16 – Stick To Trusted Networks – Restrict business devices from using public wifi networks.

Security Tip #17 – Purge Stale Data – Data that’s no longer needed adds unnecessary risk to exposure or breach.

Security Tip #18 – Stay Up To Date – Follow cybersecurity trends and breaking news so that you can stay prepared.

Security Tip #19 – Monitor Personal Devices – If employees use them to access company data, they need to be monitored, protected, and kept updated.

Security Tip #20 – Get A Cyber Audit – Only a cybersecurity expert can truly evaluate your business’ cybersecurity posture.

At mPowered IT, we have the experience and solutions needed to keep you safe through this year’s challenges and beyond. To learn more reach out to us at 678-389-6200 or schedule a free zero obligation consultation here.

 

10 Cybersecurity Threats to Watch in 2021

Cybercrime affects everyone, but business owners tend to have the biggest targets painted on their backs. Contrary to popular belief, small businesses are often more heavily targeted than large enterprises. Why?

Because they’re usually easier targets.

Recent research suggests that most small companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data breach or ransomware attacks. Small business owners are usually too busy trying to manage their day-to-day operations to worry about things like IT defense, cybersecurity awareness training, or a staff-wide culture of cyber safety.

Hopefully, you’ve already begun taking a more serious stance toward cybersecurity. As you do so, take note of the ever-evolving nature of the cyber threat landscape and what new dangers are out there.

The following is a list of growing cybersecurity threats you’ll likely hear more about this year both inside and outside of the business world:

1. Deepfakes

Deepfakes are created with “deep thinking” artificial intelligence technology creates fake images, videos, or sounds that appear to be real. These are often used to mislead the public by making it appear that a politician or celebrity said or did something that never actually happened.

Deepfake voice technology allows people to spoof the voices of other people — often people in power. The potential of issuing fake orders to subordinates or making fraudulent statements to the press is very high and could be used in all sorts of manipulation ploys.

2. AI-driven cyberattacks

As with any new technology, AI is a double-edged sword. Although it’s being used to help with cybersecurity, AI has also been co-opted by bad actors to create and execute cyberattacks.

Using artificial intelligence, cyber criminals are able to create programs that mirror human behavior or carry out large-scale cyber attacks through automation.

3. “Poisoning” Artificial Intelligence

Artificial Intelligence learns new models or systems over time. Usually, an AI has to pore through large amounts of data to establish patterns and learn a specific behavior.

During this learning period, cybercriminals can feed the AI program bad data in what’s known as a poisoning attack. The goal of the attack is to teach the AI something that benefits the hacker.

For example, if AI is supposed to be learning how to spot spam emails or network intrusion attempts, hackers can feed in data that teaches the AI to ignore something that should be a red flag. If carried out fully, these attacks can create backdoors through any number of AI-driven systems.

4. Disinformation in social media

Spreading disinformation has been a manipulation tactic for as long as people have been communicating. The challenge we’re facing in the information age is that disinformation can be spread very quickly with almost no chance of stopping its momentum.

Although this is largely blamed on social media, many believe that a lack of critical thinking skills in the general population is not helping the matter. Bad actors know that this is a human weakness and are using disinformation to great effect.

5. New cybersecurity challenges that 5G creates

New technologies always bring about new cybersecurity challenges, and most experts agree that 5G is no exception.

A 2019 study by Information Risk Management said that survey respondents worried that 5G technology will result in a greater risk of cyberattacks on Internet of Things (IoT) networks.

Cybersecurity is a constant back-and-forth, so cybersecurity experts aren’t so much worried as they are getting themselves prepared. If new threats or vulnerabilities emerge, they will respond to eliminate them.

6. Vehicle cyberattacks

Connecting cars and trucks sounds like a great idea from a standpoint of technological progress, but doing so opens up the possibility of cyberattacks which directly target vehicles.

Even with current vehicle-borne technology, hackers might be able to access or manipulate travel data, engine management, and onboard cameras and entertainment devices. Many worry that in the future, vulnerable computers will also be linked to safety or driver control systems.

7. Cloud jacking

More businesses are moving to the cloud, and more of the world’s most commonly used software is doing the same. Cloud jacking seeks to take advantage of this migration by infiltrating these programs and systems and using them to mine for cryptocurrency, leak data, or send out spoofing attacks.

8. Election security

Experts are concerned that hackers from other countries might target the voter-registration databases for state and local governments, with the intent to either destroy or disrupt this information. This could corrupt an election through fraud, or prevent large groups of people from voting at all.

This risk doesn’t just apply to the United States, but threatens any nation with a democratic process.

9. Ransomware attacks on the public sector

Hackers are ramping up attacks that target government bodies, including municipalities, public utilities, and fire and police departments. Using ransomware, these attacks hijack their computer systems until these government agencies pay a ransom. Since this method creates significant — and often dangerous — interruptions in public services, the ransoms are often paid without question.

10. Breaches in hospitals and medical networks

2020 saw what was reported as the first human death officially linked to a cyberattack. This occurred after cybercriminals hit a hospital in Düsseldorf, Germany with ransomware, resulting in treatment delays that led to a woman’s death.

Hospitals and other medical providers are prime targets for cybercriminals due to their importance and the sheer quantity of private information they access. The personal and financial information is extremely valuable on the dark web, and hospital administrators are often left with no choice but to pay ransoms to avoid human suffering.

Cyberattacks will only get worse as our reality becomes more intertwined with technology. What steps are you taking to ensure your business can face these new challenges?

If you’re like most, you’re wondering how your organization can handle it all yourself. That’s where MSPs like mPowered IT can help. Rather than taking on new staff, you can place the security of your network and data in our capable hands.

We have the experience and solutions needed to keep you safe through this year’s challenges and beyond. To learn more reach out to us at 678-389-6200.

9 Cybersecurity Best Practices For Your IT Team

There are ways to protect business data against ransomware attacks. Here are 9 tips to help your IT team boost your business’ resilience to cyber attacks:

1. Renew your security risk assessment. Things change over time. If it’s been a while since your IT team has thoroughly assessed your information security posture, be sure to clear up some time on your schedule to get that taken care of!

2. Train your employees. Because cyber security threats are constantly evolving, an ongoing training plan should be implemented for all employees. Your IT provider or internal team should be able to arrange such training.

3. Get password hygiene under control. Implement a password policy that requires strong passwords and check for leaked employee accounts through dark web monitoring. For more comprehensive security, consider mandatory multi-factor authentication, ongoing network monitoring, and hard drive encryption.

4. Keep all devices updated. Your IT team should already be taking care of patching and updating the devices — but that may not include all of your staff’s personal devices, laptops, phones, or even smart devices in the office. Be vigilant about patch management for these devices, and speak to your IT team about adding coverage as needed.

5. Create straightforward cybersecurity policies. If your IT team hasn’t created internal information security policies, doing so should become a priority. Strict, documented policies are a critical part of an overall security strategy.

6. Consider your data backup policies. You should already be running a data backup solution as part of your IT strategy. (If not, now would be a good time to start!) Review how your data needs may have changed since first implementing this solution and determine if you need more frequent backups or other recovery options.

7. Conduct a practice restore. The best way to know if you have the right Backup and Data Recovery solution in place is to test it in a real-world scenario. If your IT team hasn’t conducted a practice restore to get a complete picture of what lies ahead in times of disaster, make it a priority.

8. Know where your data resides. The more places data exists, the more likely it is that unauthorized individuals will be able to access it. Your IT team should help you use data discovery tools to find and appropriately secure data and implement Software-as-a-Service (SaaS) applications that allow for corporate control of data.

9. Control access to computers. Use key cards or similar security measures to control access to facilities, ensure that employees use strong passwords for laptops and desktops. Administrative privileges should only be given to trusted staff.

Your IT department or IT provider should be your source of up-to-date, reliable cybersecurity information. Stay vigilant, stay informed, and always err on the side of caution.

To learn more, book a free, zero obligation custom consultation with the CEO of mPowered IT. You can also give us a call at 678-389-6200.

Web Analytics