I’m excited to have a guest post this week by Tony Rushin. Tony has spent his career in technology: this is his second of five posts on reducing cyber security risks. You can find his first post here.
Strong leadership that values, communicates and enforces stringent security protocols cannot be overemphasized when it comes to creating a data-safe law firm environment. It is the first of four keys needed to reduce your firm’s cyber security risks and it is the most important.
Firm leaders need to understand how their commitment shapes attitudes at all staff levels. No matter what their other duties may entail, leaders must have a comprehensive grasp of the dangers as well as the strategies the organization employs to minimize risk. Knowing how easy it is for data to be stolen, and the consequences of having a data breach, is the first step in getting a firm’s leadership on board with important policies.
Every firm needs a security team – not just a single person, but a small group who maintains a strong focus on preventing and managing security risks. One individual on the team should be named as Compliance Officer.
Creating a culture of compliance is the key to minimizing risk. When leaders are sufficiently invested and engaged in maintaining a secure environment, data security changes from being a topic that is addressed from time to time into an inherent part of every conversation.
In addition, law firms should strongly consider acquiring external guidance to formalize and implement internal policies and procedures. Even professional security companies employ this strategy to ensure the most complete coverage. As with so many other tasks, getting input from an external observer is likely to uncover weaknesses and gaps that those on the inside simply aren’t able to see.
In future articles, I will dig into the three other keys to reducing your firm’s cyber security risks – policies, prevention and detection – in more detail.
Tony Rushin, Vice President for Network 1 Consulting, has spent 30 years in high-technology sales & marketing, from IBM to start-ups. Network 1 is an IT support company in Atlanta that becomes – or augments – the IT department for law firms and medical practices. You can reach Tony at 404.997.7633 or email@example.com.