Today, cyber security is one of, if not the most important issue the government has to deal with. The increase in cybercriminal activity has impacted the US government just as much as it has the private and corporate sectors in recent years. The OPM hacking incident alone affected 21 million individuals within the Federal government and highlighted the seriousness of what is referred to as Insider Threats.
The previous administration made several changes to cyber security policy during its eight years, including creating the definition of Insider Threats as it’s known today and creating the Insider Threat Task Force. For the first time, the US government has its own Chief Information Security Officer (CISO). The Cyber Security Advisory Commission was put in place, as well as the Computer Security Information Sharing Act of 2015. And only time will tell what changes the current administration might choose to make.
However, all of these changes were applied only to government agencies. All the great work they did couldn’t be shared with corporate America or the private sector. But that doesn’t mean we can’t learn from the steps they’ve taken, and use this information to build better cyber security policies of our own.
There are two things you can do within your firm that goes above and beyond standard cyber security measures, and improve upon measures currently in place within the government.
First, you need to appoint a senior partner to be in charge of your cyber security program in its entirety. Keeping cyber security separate from the duties and concerns of a CISO or IT department is critical. One of the biggest mistakes anyone can make when it comes to cyber security believes that technology alone can solve cyber security issues. Your firm needs to be able to view cyber security not just from a technical perspective, but from a human standpoint.
There is an enormous human component to cybercrime, and failing to give it proper consideration will undermine the rest of your security efforts. Have everyone report on their own sector to the board of directors or the other partners, and you’ll have a clearer picture of what’s happening within your firm.
Second, your team needs to write good policies that support the posture your firm wants to take in regards to cyber security and Insider Threats. Right policies that are followed to the letter by each and every member of your team should be an integral part of your firm’s cyber security measures.
The reason it’s so important to consider the human aspect of cyber crime is that the nature of these threats is changing. These new threats are sinister, infiltrating systems and lurking quietly, biding time and gathering information. It’s not a smash-and-grab type of situation where a hacker takes a run at your network security, exploits a weak point, and makes off with whatever they can get to.
The timeframe between when a security breach occurs and the time your firm realizes that a violation occurred is typically six months to a year. That’s six to twelve months where a cybercriminal has been silently mining your firm’s valuable data. That’s not the actions of a line of malicious code. That’s human intent, pure and straightforward. And given that at least 80 of the 100 biggest US law firms have been hacked since 2011, it’s more important than ever to recognize the level of sophistication your firm is up against when it comes to cybercrime, and act accordingly.