CASEpeer CEO and Co-founder, Gabriela Cubeiro, sat down with Eric, CEO of EVERNET and IT expert with over two decades of experience, to discuss law firm IT and cybersecurity needs.
The American Bar Association’s Legal Technology Resource Center publishes a TECHREPORT each year. In 2021 they reported security threats to law firms are at an all-time high, with over 25% of law firms saying they had experienced a data breach at some point. Firms with 10-99 employees appear to be at the greatest risk.
With these statistics in mind, Gabriela and Eric discuss why hackers target law firms, common cybersecurity threats, security best practices to implement today, IT do's and don'ts for law firms, and more.
Eric explains how he got his start in the world of IT, first working at an IT agency for a couple of years post receiving his Bachelor's degree, and soon after being inspired to go off on his own doing independent consulting for law firms. After getting his name out there, he began to build a team of highly-skilled IT consultants to help manage the increase in demand, eventually leading to the birth of EVERNET.
Discussing the importance of consistent IT support, Eric says that it's not only crucial for ensuring that you're acting ethically, but also that you're managing your business appropriately.
Eric and Gabriela then move on to discuss the most common IT mistakes that law firms make. The first, Eric says, is not maintaining an active relationship with a trusted IT partner or resource. Another common mistake is not setting up two-factor authentication when it's available. In conjunction with that point, Eric urges software vendors and service providers to not make MFA (multi-factor authentication) optional, as many do, but to make it mandatory.
As far as cybersecurity best practices go, Eric touches on the topic of passwords and main the do's and don'ts. He highly urges against reusing old passwords and suggests never creating a password directly from your head. He recommends using a password manager like LastPass to generate strong passwords and keep them secure.
Finally, Eric discusses the importance of conducting recurrent cybersecrurity training for employees. He suggests using a learning management tool that HR can implement at your firm, TalentLMS, which Eric himself uses at his organization. He mentions how the bar associations often put on recurrent webinars on cybersecurity that even qualify for CLE credit.
Watch the full recap below to listen to the full discussion and learn the key tips and best practices your firm can start implementing to maintain ethical cybersecurity measures.