How to Respond to a Cyberattack
Your worst nightmare has become reality: you discover your law firm database has been breached and sensitive information has been compromised.
What’s the first thing you should do?
If you had the foresight to prepare an Incident Response Plan – even if it’s just a single page of action items – you have a blueprint in hand.
But what if you have no plan?
“First, assemble a business continuity team, including IT and data forensics experts, and have them determine the size and scope of the vulnerability,” says cybersecurity expert Douglas Williams in this blogpost for the US Chamber of Commerce. “Then, secure physical areas that could be related to the breach and change any access permissions right away.”
Another urgent step, per Williams: prevent any further data loss by taking all compromised systems offline.
“Swap out any affected machines with unaffected ones,” he writes. “Update all user credentials and passwords that a hacker may have gained access to. Also be sure to remove any information that may have been posted online as a result of the hack, including on other websites where the exposed data may have been posted. Interview all parties who discovered the breach, and document the process, as well. Refrain from destroying any evidence during the process. Finally, remember to ensure your public relations communications are positive and constructive during the reconstruction of data.”
Lawyers Mutual is here for North Carolina lawyers. Our Byte of Prevention blog brings you vital news, alerts and practice management pointers. Our Client Services Department is available to help you work through challenges, whether it’s building teamwork or improving your bottom line. And our Claims Department is by your side when trouble strikes. Stay ahead of the curve by being insured with Lawyers Mutual.
The most common type of cybercrime – accounting for 44 percent of all incidents – is theft of data. Here is some risk management advice from Mike Tanenbaum, head of cyber for Chubb North America, for the US Chamber of Commerce website CO.
- Identify weak points in your system and infrastructure
- Upgrade all software
- Change your passwords
- Implement two-step verification
- Install a WAF (web application firewall)
- Make sure your e-commerce system is PCI-DSS (payment card industry data security standards) Level 1 compliant
- See that your website hosting company regularly patches any security vulnerabilities.
- Safeguard company servers, smartphones, laptops and other devices
- Hire an outside cybersecurity professional
- Obtain cyber insurance coverage
Source: How to Handle a Cyberattack (uschamber.com)
Three Elements of Notification
“After taking measures to secure your data and prevent additional damage to your devices, take a deep breath and move on to alerting your affected customers,” writes Emily Heaslip for CO. “All states require that businesses notify customers in the event of a security breach that involves personal information. There may be other laws that you need to follow that apply to your situation, depending on the type of attack your business experienced. Check state and federal laws to find out.”
Here are three elements Heaslip says are essential when notifying clients who were affected by the breach.
- Time. “The sooner you can alert customers, the sooner they can take steps to protect themselves from fraud.”
- Information. “Try to give customers as much information as possible about the nature and extent of the breach.”
- Thoroughness. “Use multiple communication channels to make sure that all affected parties are notified of the breach.”
Source: How to Communicate a Data Breach to Customers (uschamber.com)
Lawyers Mutual brings you practical pointers for designing a satisfying career. We’re here as you adjust to practicing law post-COVID. Our email newsletter “Practice Reimagined” offers timely tips and valuable links on wellness, work-life balance and quality of life – delivered straight to your in-box. Lawyers helping lawyers. It’s what we’ve been doing since 1978.