This is a question I am asked frequently. As one reporter put it, “It seems like lawyers were scared straight about cybersecurity for about a minute after the Panama Papers leaks and some NY law firms were exposed as targets of hackers.” I am happy to say that their attention was caught for more than a minute.

The larger firms have been “scared straight” for some time. They all know that an advanced hacker with advanced tools and sufficient funding can breach them. I suspect they’ve all been breached, some multiple times. So they began some time ago to invest a lot of money in cybersecurity.

While they are anxious to keep the bad guys out as the first line of defense, they have surrendered to the inevitable – that they will be breached and must detect, respond and recover. A lot of money is going into Intrusion Detection Systems (some are affordable for small firms too) and Intrusion Prevention Systems (IPS), usually far more advanced and expensive. An IPS generally monitors network activity, looks for attack behaviors or activity that deviates from baselines. They can take automated actions in response to what is detected – and they do much more than I can cover in a blog post.

Read the Rest at “Ride the Lightening.