TABLE OF CONTENTS

Contacts

Hallie J. Mann
Executive Director

Lawyers Associated Worldwide
2823 McKenzie Point Road
Minneapolis, MN 55391 USA

Phone: +1 952-404-1546
Fax: +1 952-404-1796
Email

Nancy Eiler
Editor

Phone: +1 216-561-3466
Fax: +1 216-561-3016
Email

If you would like to contribute content for future newsletters, please contact Ms. Eiler.

February 2018
LAW Newsletter

Cyber Security

Cyber Security – The 4 Things Every Lawyer Should Know

By Brad Deflin
Total Digital Security

1) Cyber Risk Has Gone Existential

Our everyday environment, personally and professionally, is increasingly “connected” and vulnerable to hackers and cybercriminals from around the world.

Internet-connected ‘things’ – TV’s, smart homes and appliances, medical devices, and much more, are expanding the attack surface for criminals beyond just computers and phones. Now, every aspect of our lives is vulnerable to attack whether at the office, in the home, or on the road, and we must think beyond what the IT department can do to protect.

While the new, existential nature of cyber risk requires individuals to be aware and protected, and to adapt cyber-hygiene behaviors and habits, the risk holder remains well beyond the people themselves. The risk may have been “democratized,” but the stakes are still shared institutionally, and only through a partnership between people and the organization will either side succeed and survive.

2) It Will Continue to Get Worse, Before Getting Better

Cyber attacks, traditionally “black hat” activity like cyber espionage and warfare, are now predominantly motivated by financial profit. Since 2014, the rate of cybercrime has exceeded that of the traditional sort, and now extortion, blackmail, financial fraud, and theft have digital versions that dwarf their historical equivalents in scope and size.

Criminals from street thugs to sophisticated professionals are clamoring to get in on “the perfect crime.” Crypto-currencies are eliminating the need for laundering, fencing, or pawning, and are off the radar from law enforcement and tax authorities. Cybercriminals can perpetrate attacks from anywhere with no risk of injury or death, and without leaving evidence or a scene of the crime.

There is no end or plateau in sight for cybercrime’s rapid growth. Traditional criminal cartels and new cybercrime syndicates are tooling for maximum exploitation, and we will see the next few years as the “golden-age” for criminals around the world. Additionally, with North Korea and the WannaCry ransomware assaults as a recent and poignant example, nation-states now see cyber attacks for
profit as a perfect mix of inflicting socio-economic harm and raising funds to counter sanctions and the high cost of waging war.

3) Your People Are Not Prepared

The democratization of cyber risk has quickly become more a matter for the governance committee than for the IT department.

It is digital technology’s nature to progress at exponential rates, while we, as bioorganic humans, naturally adapt at a much slower pace. The gap between cybercriminal activity and sophistication, and that of your partners, staff, vendors, clients, and family members is vast and expanding every day. And, nobody understands this better than the cybercriminal as they exploit the chasm for all its worth.

Cybercrime is an early-stage symptom of the new digital age. Exponential progression of digital technology is driving uncharted levels of change and affecting every aspect of our lives. As leaders, we must provoke and stimulate individuals with greater context and framework for a deeper understanding of digital technology and how it applies to most all we do today.

4) But It Is Manageable, and You Can Do a Lot About It

As daunting as the matter may seem, cyber risk can be managed and significantly mitigated if you affect necessary counter-acting change.

First, approach the matter in a way that transcends compliance and regulatory pressures. The type and level of awareness and behavioral adaptation you seek demand individual internalization and should motivate in a fashion aligned with personal needs and goals. Consider the notion of “cybersecurity as an employee benefit” – one that enhances lives across the spectrum of daily activities, personally and professionally. This approach advances long-term adaptation, agility skills, and behavioral change.

Second, use the recent progress in cybersecurity technology to protect. Beginning in about 2012 the cybersecurity industry was recognized as a growth business for the future. Since then, every year has seen record high inflows of fresh investment capital. The industry is stimulated and re-energized as smart capitalists and innovators are using new technologies in networks and software including clouds,
AI, and machine learning, and Big Data to increase efficacy and ease of use while decreasing costs. As a result, value in cybersecurity solutions will rise for many
years to come

Cybercriminal sophistication and success ride the arc of technology and so should our defenses. Today, managing and mitigating cyber risk requires a combination of education and solutions. And, it’s a mandate for tomorrow and the future for survival and success in the new digital age.

For more information on this topic, contact Brad Deflin at brad@totaldigitalsecurity.com. Brad Deflin is the Founder of Total Digital Security, a leader in the emerging “Managed Cyber Security-asa-
Service” industry. Total Digital Security manages and mitigates all elements of cyber-risk for families, professionals and small to mid-sized businesses, including PCI, HIPAA and other regulated environments.