Skip to the main content.
What Size Law Firm Are You?

We've crafted solutions tailored to your firm

Insurance Glossary

The world of insurance for law firms can be confusing, and difficult to navigate. We've created this glossary because these common insurance terms should be easy to understand.

← Blog Home

9 Ways to Protect Your Firm and Clients from Current Cybersecurity Threats

2 min read

9 Ways to Protect Your Firm and Clients from Current Cybersecurity Threats

The COVID-19 pandemic forced most law firms to conduct business in ways they had not done before.  Many firms were forced to transition to work from home on short notice and were required to make the transition without ample time to consider best cyber practices.  This situation is not ideal for law firms as lawyers are a main target of cybercrime. Cybercriminals have much to gain by accessing confidential, financial, and transactional information held by law firms.

Attorneys were not at the top of their cybersecurity game pre-pandemic. In 2019, the ABA conducted its Legal Technology Survey, noting that, “the biggest concerns from the ABA 2019 Legal Technology Survey were the poor—and worsening—cybersecurity approaches lawyers are taking to the use of cloud applications.”[1]  The report further indicates that, “the lack of effort on security has become a major cause for concern in the profession.” Coupled with this lack of effort, the cause for concern is compounded by the results of a survey cited in the ABA 2019 Cybersecurity TechReport[2] which reports that 26% of the lawyers surveyed had experienced some sort of security breach in their law practice.

To make a vulnerable cyber situation worse, COVID-19 has accelerated cybercrime. reported that, in a report released on May 5, 2020, by security firm Mimecast, “Between January and March…spam and opportunistic detections increased by 26.3%, while impersonation was up 30.3%, malware by 35.16% and the blocking of URL clicks up by 55.7%.”[3]  Here at ALPS, our information technology department reports the number of potentially harmful cyber activities identified by Zscaler rose from approximately 120,000 during the month of February 2020 to 4,331,833 during the month of April 2020.

Ethics and business considerations make today a perfect time for all lawyers to check-in on the adequacy of their law firm’s cybersecurity.  The following list includes ideas for firms to assess their current cybersecurity risk and take steps to better protect both the law firm and its clients.

  1. Consider or reconsider security basics to include a frequent change of password with adequate password strength.
  2. Make sure firewall and antivirus applications are in place as a first line of defense.
  3. Begin cybersecurity awareness training. Training assists with understanding, identifying, and appropriately dealing with cyber threats.
  4. Encrypt web connection, email messages, and stored information.
  5. Use a virtual private network (VPN). Even if firm members are not using a public Wi-Fi network, a VPN for work from home is still a good idea and can better protect confidential information.
  6. Implement dual or multi-factor authentication for any work account.
  7. Consider purchasing a cyber policy, if your firm does not already have one, or take the time to evaluate the firm’s existing cyber policy coverages and options. Once the best cyber policy for the firm’s needs is in place, make sure the policy reporting requirements and coverage are understood.
  8. Establish an incident response plan aiming to identify risk, minimize damage, and reduce the cost of a cyber breach. Timeliness is a key factor with most cyber issues.  The incident response plan is best established in conjunction with the firm’s cyber policy.
  9. Consider whether a secure client portal best serves the needs of the firm and the clients.

In sum, attorneys are not known for having the most up-to-date cyber practices to begin with and COVID-19 has significantly increased cyber risk.  While there is no one-size-fits-all procedure for dealing with cyber threats, the list above should provide the framework to begin an assessment.  At the present time, considering cyber issues and implementing procedures for dealing with cyber risk as a necessary component of any law practice.




Martha Amrine has worked as a claims attorney for ALPS since 2011. Before coming to work with ALPS, she practiced law in Washington State, concentrating in trial court litigation. She obtained her B.A. from Seattle University in 1999 and J.D. from Gonzaga Law School in 2003. She is a member of the Washington State Bar Association. Martha currently lives in Missoula, Montana where she runs on the Big Dipper trail running team, coaches boys' soccer and kids running, and spends her free time enjoying Big Sky Country with her husband and two sons.

How To Minimize The Risk Of Becoming A Victim Of Wire Fraud

4 min read

How To Minimize The Risk Of Becoming A Victim Of Wire Fraud

Updated 07/2023 Lawyers remain a high-profile target for scammers hoping to get away with wire fraud and the attack vectors they are using continue...

Read More
Why Would A Small Law Firm Be An Attractive Target For A Cyber Criminal?

1 min read

Why Would A Small Law Firm Be An Attractive Target For A Cyber Criminal?

Regardless of size, any and every law firm is an attractive target for a cyber criminal. Think about it. Law firms serve clients of all shapes and...

Read More
Why You Don’t Get It Both Ways with Of Counsel Relationships

3 min read

Why You Don’t Get It Both Ways with Of Counsel Relationships

Sometimes a call comes in that I feel compelled to write about and this is one of those times. The question seemed simple enough. Basically, the...

Read More