Law firms are considered by many hackers to be soft targets with a wealth of valuable information. Data from social security numbers, credit cards, and client confidences is enough to make the criminal mind salivate with malicious intent. Between 31-45% and 10-20% of firms have been infected by spyware or experienced security breaches respectively. But what can a private practitioner or law firm do to prevent these trespasses on their networks?
In this episode of The Florida Bar Podcast, host Adriana Linares welcomes cyber security expert Sherri Davidoff to discuss the dangers to data that exist for law firms today. To begin their dialog, they define what ransomware is and tell us why so many firms give in to its extortion.
Tune in to learn what practitioners can do to counteract or mitigate some of the risks. Spam filters, employee training, role-based access controls, and anti-virus software are among many countermeasures available for even small firms. In addition, lawyers may want to consider network monitoring, cloud-based software platforms, and comprehensive backup and retrieval systems. The key to successfully implementing the latter is to test your IT firm’s ability to restore lost files.
Sherri Davidoff is a nationally-recognized cyber security expert who is a founder and Senior Security Consultant at LMG Security. She has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing, and web application assessments. Davidoff is an instructor at Black Hat and co-author of "Network Forensics: Tracking Hackers Through Cyberspace". She is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in computer science and electrical engineering from MIT.
Discussed on This Episode:
Role based access controls