How To Better Protect Your Business From Cyberattacks

Levenfeld Pearlstein, LLC
Contact

Bloomberg Law recently reported that Goodwin Procter was the latest law firm to fall victim to a data breach after one of its vendors was hacked. Cyberattacks on law firms and businesses have become increasingly common over the past few years, even more so with the onset of the COVD-19 pandemic. A recent study published by Hogan Lovells discovered that most businesses do not engage in a full data security review for their vendors and suppliers, often leaving them susceptible to data breaches. Remote work has also exacerbated this issue, as businesses are relying more than ever on technological capabilities in order to continue operations.

In light of the steady increase of cyberattacks on law firms and business, here are some specific steps that an organization can take to strengthen their information security systems and protect their data:

  1. Provide Adequate Company-Controlled Equipment and Support

Issuing company-owned laptops and other technology with built-in approved and acceptable security measures to remote workforces, or requiring appropriate VPN connections from personal devices, are critical fixes to potential gaps in cybersecurity.

  1. Use Multi-Factor Authentication and/or Cloud-Based Storage

Companies should also continue (or in some cases, begin) using recommended security best practices with respect to both company-owned and personal devices. This could include the use of multi-factor authentication (MFA), strong password requirements for all enterprise applications, and policies against locally saving company materials to personal devices.

  1. Property Secure Communications Technology

To safeguard employee (and client) communications to the greatest extent possible, businesses should sign up for (and pay for) enterprise solutions for videoconferencing and other communication needs and require employees to use only those authorized applications.

  1. Implement Proper Training

Now more than ever, training the workforce to detect and avoid cybersecurity threats is a critical piece of any information security program. Employees should remain vigilant against phishing attempts or other incursions into the company’s systems, particularly since remote work increases the threat of hacking with multiple potentially unsecured home networks. Employees should also be trained on the continued need to protect information relating to clients, customers, and other employees while working remotely.

  1. Update Incident Response Plan

Every business should also draft and regularly update the incident response plan they would use to respond to a security breach. In the event of a data breach during remote work, employees should know who to contact and which resources are still available.

We will continue to monitor developments regarding cybersecurity and data protection and provide updates as available.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Levenfeld Pearlstein, LLC | Attorney Advertising

Written by:

Levenfeld Pearlstein, LLC
Contact
more
less

Levenfeld Pearlstein, LLC on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.