Are you concerned about your firm's cybersecurity?

Are you worried about your team member's password use?


Author Archives: Tom Lambotte

SSST #46—Ransomware Defense (Part 2): Turn On Multifactor Authentication

As you’ll recall reading in Part 1 of this four-part series, a ransomware attack is where extortionists infect your systems with a virus (a.k.a. malware)that locks up your data files or entirely shuts down your IT operations until you pay … Read More

SSST #45—Keep Your Guard Up Against Ransomware Attacks (Part 1)

Here’s a hypothetical story of a mid-size law firm suffering a ransomware attack and the damage that was caused. Please note that this is a fictional scenario and is not based on any specific real-life event. It was a typical … Read More

With Deepfake Visual Tech, Cybercriminals Can Now Very Convincingly Impersonate People You Trust

There’s an emerging threat to your data security that you’ll likely have to face before long. It’s called a deepfake attack.  Sure it makes for a catchy headline when this technology is used to feature an artificial intelligence-generated doppelganger meant … Read More

Guesting On ‘Be That Lawyer’ Podcast, I Offered Steve Fretzin’s Listeners a Cybersecurity Wake-Up Call

Attorney Steve Fretzin—host of the podcast “Be That Lawyer”—recently had me on his show to talk about law firm cybersecurity. He was clearly unsettled by what I shared. For example, phishing scams. I told Steve that even the smartest lawyers … Read More

SSST #44 Do This if Your Password is Stolen

We’re not entirely done optimizing your protection – here is another crucial (but easy and FREE!) step towards avoiding catastrophic computer consequences. You’ve updated your passwords, activated 2FA, patched all your software, and are even using a VPN to log-on … Read More

Never Conduct Law Firm Business Using Your Personal Email Account: Here’s Why

A surprising number of lawyers continue to use personal email addresses for sending and receiving correspondence pertaining to client matters. This is a mistake. All such emails should go out and come in via your firm’s email account and professional … Read More

The Dark Web Grows Darker: Why Your Firm’s Confidential Data are Bigger Targets Than Ever

A British court found a jealous 26-year-old woman guilty of soliciting the murder of a second woman for trying to steal her man. Seems the convicted felon had gone onto the dark web in search of a hitman she could hire … Read More

SSST #43 –Get Trained to Detect Spear Phishing

Spear phishing attacks are like regular phishing attacks, only a lot more insidious. An ordinary phishing attack usually involves sending out a spoof mass email that tries to trick a whole bunch of people into giving out their personal information … Read More

This Happened: $50k Stolen After 1 Employee Swallowed a Phishing Scam’s Baited Hook, But It Doesn’t Have to Happen to You

Knowing how to spot a phishing scam a mile away and not be suckered by it is vital not just for you but for everyone with an email account in your firm (pretty much everyone). Don’t believe me? Then let … Read More

Which Costs More: a Cyberattack or Cybersecurity? (Spoiler Alert: the Former, By Orders of Magnitude)

Pretend I am right now dangling before you a balance-beam scale, like the one Lady Justice holds in her upraised hand, minus the sword. In the scale’s pan on your left, I’m stacking all the component costs you’re going to … Read More


The Security Checklist for Busy Lawyers

The Security Checklist for Busy Lawyers