Mitigating the Risk of a Cyberattack
| Publication year | 2022 |
| Pages | 10 |
August, 2022
DEPARTMENT | WHOOPS—LEGAL MALPRACTICE PREVENTION
BY JEFF SEVERINO AND CHRIS POWELL
WHOOPS, our firm chose not to evaluate and purchase cyber insurance coverage. What could go wrong? A civil suit? An investigation by the Office of Attorney Regulation Counsel? Or. worse, losing business for days or weeks or longer because a ransomware hacker locked us out of our files? The following discussion is presented courtesy of CNA and Lockton Affinity, the CBA's endorsed malpractice carrier and broker.
Over the last few years, the number of serious cyberattacks targeting law firms has surged, with hacks costing hundreds of millions of dollars and exposing sensitive client data. A cyberattack can cripple a firm's ability to operate and cause lasting harm to its reputation. Unfortunately, many advanced cybersecurity solutions are costly and difficult to implement, making the typical law firm a prime target for cybercrirninals.
One way to mitigate the increased risk of cyberattacks is to look to no-cost and low-cost solutions that can offer an immediate risk management benefit without added expense or complexity. Below are 12 no-cost or low-cost ways to help prevent cyberattacks on your business.
1. Identify Key Accounts and Systems.
An inventory of your vulnerabilities can help illuminate opportunities to protect them. Take a few minutes to think through all the key accounts and systems vital to your business. Ask yourself if you could continue to operate without issue if something were to happen to them. Jotting down a few notes about protecting these key vulnerabilities is a great place to start as you put your cyber risk management plan together.
2. Establish a Written Funds Transfer Policy.
Your digital financial transactions are a primary target for cyber criminals. A funds transfer policy can help minimize your risk. Follow these steps before any funds transfer:
■ Require verbal verification of all new account numbers and any previously verified account number that has changed for any reason.
■ Require the other party to recite their account number to your employee while on the phone.
■ Train any employees that have the ability to transfer funds on behalf of the business to follow the policy according to these procedures.
3. Implement Remote Access MFA.
Cyber security expert snow recommend enabling multi-factor...
To continue reading
Request your trial