The U.S. Department of Homeland Security declared October “National Cyber Security Awareness Month.” This is a pretty telling event: our nation’s security depends on each of us being more aware of the actions of those who would reach into our computers and take our data, tell us lies, lead us to shady sites and generally betray us in large and small ways.
Remember the “good old days” when our nation’s security rested solely in the hands of our incredible military? Now, all of us have a duty to be vigilant every time we log into our computers, phones and mobile devices. We are the first line of defense.
Why? Because we are a hyper-connected society and we have a naïve trust of what we read online and in what shows up in our inbox. Those access points and that trust can be used against us very easily.
Consider the following headlines:
Our personal information, our health, our news, our elections, our very beliefs are being hacked today.
So, What Can You Do About It?
Each of us needs to become more vigilant about our actions on the Internet and with any device that is connected to the Internet, which is increasingly every gadget we use! I highly recommend that you sit down and study the Homeland Security website, which has a ton of resources for you to protect yourself and your family. Their national campaign is called “Stop. Think. Connect.” and they’ve created a toolkit full of helpful resources. In fact, you might download one piece of information a week and discuss the topics over dinner with your spouse or family. If everyone in our country was more aware of the attempts against us, we could slow cybercrime significantly.
Truly, awareness is the most effective way to slow this type of crime! And awareness is not all that hard to achieve!
Awareness in Law Firms
Now, of course, I have to talk specifically about law firm cybersecurity because I’m passionate about helping this industry protect itself. Security breaches at law firms affect so many people and businesses, in sometimes tragic ways. Yet, alarmingly, a recent ILTA survey found that careless employees ranked as the highest information security threat to organizations, with over 60% of respondents identifying this as their primary concern.
The biggest concern at law firms isn’t “do we have the right firewalls?” It’s, “Does Bob know not to click on that pizza coupon?”
That is why security awareness training has become so critical at each and every law firm I visit.
At Savvy Training & Consulting, we offer KnowBe4 security awareness training. An education and testing program, KnowBe4 includes a simulator that enables you to create compelling, fake emails, push them out to your firm, track the people who are vulnerable, and educate everyone to be more astute when they click!
Here’s how it works:
Upload your users to the system
Launch a baseline phishing test using any number of templates
Using the results from that phishing test, launch targeted trainings to help your employees be more discerning clickers
Every month, send out another phishing campaign
Track improvements down to individual users over time
This system is updated continuously with new phishing templates that you can use to phish your law firm, learning who is vulnerable to scams and who needs training.
And it works. I recently wrote about a law firm that went from a 20% fail rate to a 4% fail rate using the KnowBe4 system. That firm’s IT people sleep a whole lot better now, I can tell you. They’ve educated their attorneys and staff to be a solid front line of defense against phishing campaigns.
Our nation’s security – and even the health of our democracy – increasingly lie in our very own hands. Please share the Homeland Security toolkit with your friends, colleagues, family and neighbors.
And if you are curious about KnowBe4, please contact Savvy today.