IT Security concept

IT Security for Law Firms

Security Awareness Training for Law Firms:

In today’s business with the ever increasing and evolving cybersecurity threat landscape, cybercriminals are becoming more and more creative. The greatest threat vector to any organization is through their employees. Acts don’t have to be malicious to cause great harm to an organization. An oversite, mistake, or careless act can lead to a successful breach causing organizations hundreds of thousands of dollars in ransom payments, lost revenue, recovery costs, and reputational impact.

IT security for law firms.

Specific to law firms, attorneys handle sensitive and confidential client information every day. This information can range from personal client data to highly confidential documents. Due to the evolving technical landscape and the changing way in which business is conducted, this data is often transmitted and stored electronically. Due to the types of information handled, and the way in which it is stored, it is crucial that attorneys and their associates are well versed in cybersecurity best practices to ensure information is safe and protected. This is why it is becoming increasingly more important that all attorneys and their associates are educated on how to identify a threat and avoid the seemingly harmless action that may lead to a breach; this is where an effective security awareness training and testing program comes into play.

What is Security Awareness Training?

Security awareness training is the process of educating employees about the potential threats and vulnerabilities that exist within the current technical landscape. This training is meant to equip employees with the knowledge necessary to identify and respond to possible cyber threats in order to prevent them from occurring.

Security awareness training can cover a wide range of topics. This includes password management, email security, best practices for public Wi-Fi use, and how to reduce your likelihood of becoming a victim of cybercrime. Security awareness training programs should be updated regularly and reflect current cyberthreats and vulnerabilities. An effective program will include periodic testing to ensure employees comprehend and apply the principles they’ve been taught.

The Importance to Law Firms

One of the primary threats facing attorneys and law firms today is cyber-attacks targeted at their employees. These attacks can come in many forms, including phishing scams, social engineering, malware, or ransomware attacks. The information transmitted and stored as part of attorneys day to day business makes law firms rich targets for hackers and cybercriminals. A successful cyber-attack can result in stolen client data, damaged reputation, regulatory penalties, and significant financial losses.

Additionally, due to certain legal and ethical obligations requiring lawyers to protect client data, and regulatory requirements including the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA), law firms may be required to implement and maintain security awareness training programs in order to comply with industry regulations, depending on what data is stored and transmitted by each law firm.

Finally, as lawyers are required to obtain continuing education credits related to technology and security, in many states, security awareness training can assist in satisfying these requirements.

How Vivitec Helps Address Solves These Issues

Security awareness training is an essential component of any cybersecurity strategy for attorneys and their firms. By providing this training to employees, and establishing a security awareness training program, attorneys and their associates can further understand the potential threats and vulnerabilities, comply with industry regulations and standards, and create a culture of cybersecurity within the organization.

Vivitec offers customized solutions to implement an effective security awareness training program in your firm. Our training services offer regular training sessions, facilitated by globally acclaimed cybersecurity speakers. The training sessions reflect current threats and vulnerabilities and allow lawyers and law firms to stay up to date on the current cybersecurity threat landscape. Vivitec also provides phishing exercises that allow practical training and exercises, helping clients gain real world practice in identifying phishing attempts.

Vivitec will work with your firm to balance your business needs with cost and risk tolerance to tailor, implement, and maintain a security awareness training program for your firm that helps to satisfy legal, ethical, and regulatory guidelines, all while establishing a culture of cybersecurity within your firm and helping to achieve certain continuous education requirements.

Post provided by Vivitec.


Start 2020 Off Right by Kick-Starting Your Maintenance Program

From mid-November through the beginning of January, Lawyers with Purpose members tend to see a decrease of initial contacts, initial meetings, and workshop attendance. The holidays are THE time for your prospects and clients to be thinking about AND discussing their future plans with family, however, not as many do. How can you remedy this? By kicking off your maintenance program!


Know the Seven Common Workshop Mistakes and How to Avoid Them

When LWP members start putting their workshops together for the first time, they often think of them as a way to generate new clients, which is a key outcome.  However, they tend to focus on the workshop solely as a lead generator, and this mindset falls severely short in terms of what workshops actually help you accomplish. The workshop should be considered part of your process, the education part.  It is the part of the process that almost everyone needs, but they don’t think they do. The workshop helps participants see things they didn’t know, as well as things they didn’t even know they didn’t know; it provides them something new upon which to reflect.  The workshop doesn’t just generate leads; it helps enroll qualified candidates into your firm for a Vision Meeting and helps you accomplish higher retention rates and higher average fees, adding to increased profitability.  This article gives an overview of seven common workshop mistakes that will sabotage your success.


Transform Your Practice One Who at a Time: The Accountability Chart

In the LWP system, progressing through the three levels of success depends upon your having the right people, the right “Whos”, in the correct positions within your organization. We call the graphic representation of “who does what” in a law firm an Accountability Chart rather than an organizational chart. This is because success depends on holding each “Who” in the firm, including the owner, accountable for accomplishing the tasks associated with each position.


Download the LWP Law Firm Accountability Chart here

Take a look at the Accountability Chart above. You’ll notice that the top box, occupied by the owner, has a question mark next to the word Entrepreneur. Why? The owner of a law firm is not necessarily an entrepreneur. He or she might be, but is not always. The skills, knowledge, and experience necessary to be an outstanding attorney are not the same as those required to be a successful entrepreneur. As the saying goes, law school doesn’t teach you how to be an entrepreneur or run a law firm, it teaches you the law.

Ask yourself: Are you an entrepreneur? Do you have a vision for the future of your firm and the commitment, together with the skills, necessary to make your vision a reality? If not, your firm’s success depends on your developing the vision and skills you need or finding someone—the right “Who”—to fulfill the entrepreneurial role.

Now consider the operations box on the Accountability Chart. In many law firms, the owner/attorney takes on the important duties of Operations Manager. At LWP, we encourage owners to avoid operations and instead bring someone on board who has the skills necessary to manage the firm. One of the key skills required of the Operations Manager is the ability to hold everyone in the firm accountable for doing their jobs in an accurate, effective, and timely manner.

It is important to note that by utilizing the tools and exercises we have shown you, many LWP members have discovered that the ideal Director of Operations is already employed by the firm in another capacity. The same can be said for other roles within the firm, including that of entrepreneur. The “Whos” you need to fill certain roles may already be sitting at your conference room table; they are just not in the right “seats.”

Next time we’ll discuss the four boxes in line three of the Law Firm Accountability Chart: Marketing, Client Services, Legal Services, and Finance/Human Resources.


Transform Your Practice One Who at a Time: The LWP Law Firm Success Model

At LWP, we believe that a firm’s success can be broken down into three levels. The Law Firm Success Model illustrates this principle and is a proven blueprint for tracking your progress from one level of success to the next. 


Download the LWP Law Firm Success Model here

As you can see, in the Success Model level one is defined as technical success—and rightly so. At the very least, your firm must be able to use the law competently to address your clients’ needs and craft legal documents that produce the desired results for your clients.

Where are you with respect to competency and level one? Perhaps you are transitioning from one area of the law, such as family law, into elder law. In that case, you might not be proficient at designing, say, an asset protection trust. This would put you to the left of level one, letter A on the Success Model above. To fully achieve level one success, you must master the strategies and tools of estate planning, elder law, Medicaid planning, and asset protection.

LWP has helped many new members attain technical success through a combination of cutting-edge software, hands-on training, legal/technical support, and one-on-one coaching. Our three-day, intensive Practice With Purpose (PWP) workshops are the best possible way to start. You can learn more about them, or register for an upcoming PWP workshop, here.

Now let’s move on to level two, operational success, which is defined as consistent profitability and growth. Study the bulleted questions in level two. If your answer to most of these questions is no, you are to the left of operational success, the letter B in the Success Model—you’re not quite there yet. Conversely, if your answers to most of the questions are yes, you are well on your way to operational success and consistently achieving your revenue, profitability, and growth goals.

If you have achieved operational success, you are ready to move to the next level in the Success Model, entrepreneurial success. In essence, entrepreneurial success means that your firm can operate successfully and profitability without your day-to-day involvement. For example, if your firm has achieved level three success, you can go on vacation for a few weeks and your firm will not be in a state of utter chaos upon your return. Entrepreneurial success means you have the team—the “Whos”—in place to keep your firm running at peak efficiency whether you are in the office or not.

Look at the Success Model one more time. Whether you are in position A, B, or C, we can help you get to the next level. You will benefit from our next email, which will discuss our proprietary Law Firm Accountability Chart—the cornerstone of building a team that is comprised of the “Whos” you need to move forward.

If you are in position D, congratulations, you are not only an accomplished attorney, you are also a successful entrepreneur. Don’t bother reading our next email. We won’t mind. We celebrate success, and you should, too!


Automated Workflow Management: The Top 4 Reasons Why You NEED Automated Workflows in YOUR Firm!

Utilizing an automated workflow management system makes it much easier to have greater insight into your business by easily generating reports instead of having to dig through files or spend time locating the information you need.With automated workflow management, you and your team are held accountable by auto-generated tasks set specifically for certain roles. Your ability to communicate both internally and externally is more effective because everyone is aware of the specific step a client is on within the process and how to keep clients moving efficiently through your process, overall.