Cyber Security Best Practices for Legal

In honor of Cybersecurity Awareness Month (NCSAM), we are highlighting some of our cybersecurity related posts. Here is one originally posted last fall.

Cyber security education is one of the most important cyber security best practices explains Matthew Holland, CEO of Field Effect Software on the Technically Legal Podcast. Field Effect is a cyber security company providing tools and managed detect and response (MDR) services to protect against cyber attacks.

Matt started his cyber security career with Canada’s Communications Security Establishment (CSE) (similar to the NSA in the United States) and worked in the Tailored Access Operations group to gather signals intelligence for the agency (intelligence from communications and information systems).

Matthew explains that law firms and legal departments are prime targets for hacking because they are “the formalization of relationships between businesses and people and the documents, the communications around all those resources.” And, in those documents and communications, is the type of very sensitive information hackers hunt for. That is why law firm data security is important.

To shore up cyber security, Matthew suggests the use of multifactor authentication (MFA), VPNs (virtual private networks) and password managers.

He also explains that an organization’s first step in implementing a cybersecurity policy or program is figuring out available budget and  designating a point person to own the responsibility.

Listen to Technically Legal Episode 40: Why Hackers Like Law Firms & Legal Departments (and Cyber Security 101) with Matthew Holland, CEO Field Effect Software