I’m excited to have a guest post this week by Tony Rushin. Tony has spent his career in technology; this will be one of several guest posts he’ll write on cyber security.
“No locale, no industry or organization is bulletproof when it comes to the compromise of data.” This alarming statement from Verizon’s 2016 Data Breach Investigations Report is scary, but absolutely true. People often think that their business won’t be a target, but every firm – no matter how small – is at risk.
Cybercrimes take many forms, including targeted attacks, malware and ransomware that steal your data and return it only after a substantial payment, if at all. Small or mid-sized law firms are increasingly the focus of such attacks. In part, that’s because they are seen as softer targets, with less rigorous security in place. These organizations also hold the potential to give criminals access to information they can use to exploit or embarrass high-profile individuals, or obtain and profit from advance information about business deals.
How can small and mid-sized firms afford to secure their data when companies with deep pockets, like Target, Sony and other large enterprises, are unable to prevent hacks? It’s true that some information security technologies are pricey, but most data breaches come from the biggest security hole in any organization: its people, not its technology. Although investing in better technology might be part of the solution, many of the prevention strategies available to businesses revolve around training team members, ensuring they know what to do, and having leaders who focus on creating, implementing and enforcing good policies.
Here are four keys to reducing your firm’s cyber security risks:
- Strong leadership that is security-driven
- Put the right policies in place – then train & enforce
- Technology for prevention: take a layered approach
- Technology for detection: know when an issue happens
There’s a fine line between paranoia and maintaining a responsible, proactive attitude towards cyber security. When it comes to data security, it pays to err on the side of paranoia. With cybercrime rampant and rising, every firm needs to recognize that it can and most likely will happen to them. When it does, will your firm be utterly devastated or merely inconvenienced?
In future articles, I will dig into the four keys, listed above, in more detail.
Tony Rushin, Vice President for Network 1 Consulting, has spent 30 years in high-technology sales & marketing, from IBM to start-ups. Network 1 is an IT support company in Atlanta that becomes – or augments – the IT department for law firms and medical practices. You can reach Tony at 404.997.7633 or firstname.lastname@example.org.