Sensei Article Featured in Oregon State Bar Bulletin
August 5, 2021
“A Perfect Storm: Security Assessments and Penetration Tests are Crucial” by Sharon D. Nelson, John W. Simek and Michael C. Maschke of Sensei Enterprises was featured in the July 2021 Oregon State Bar Bulletin.
The way law firms operate has undergone a drastic change over the past year, in both the physical and digital worlds. We’ve seen law firm employees working remotely, a heavier reliance on cloud-based technology solutions and services, and firms operating on a reduced budget through an economic crisis caused by the COVID-19 pandemic.
This new norm has created an operating environment that hackers once could only dream about, blending a rise in cybercrime during a time of crisis with the inability of some law firms to respond, pivot and adapt quickly. As a result, ransomware is now the No. 1 cybersecurity threat that the legal profession faces. The perfect storm has been created, and it’s heading toward your firm if it hasn’t arrived already.
What exactly do we mean?
Users are now accessing confidential client files from their kitchen or home office through personal computers, tablets and outdated Wi-Fi that has not had the configuration updated since the Internet Service Provider installed it. Employer-provided systems are not universal, even among the largest of firms. And users are now primarily responsible for keeping their software and operating system patched with critical updates.
Two-factor authentication, which Microsoft states will stop 99.9 percent of account-takeover attacks, remains mostly unused — even though it is provided at no cost with Microsoft 365 subscriptions. Encryption of laptops, while commonly discussed, still is hardly implemented.