As a proud business partner of the Australian government’s cyber security centre, our law firm takes our role in protecting our clients’ digital safety very seriously. We understand that cyber threats are constantly evolving, and businesses of all sizes are at risk. Holly Gilholme, Attwood Marshall Lawyers Practice Manager, reflects on Cyber Security Awareness Month and calls on our clients to review their cyber security and make necessary changes to protect their data and systems.
The cyber threat – it’s real
October marked Cyber Security Awareness Month, a global initiative focusing on staying safe online. 2023 marks the 20th year the awareness campaign has been held worldwide.
The crucial message at the heart of the awareness campaign was that your digital safety matters.
The world increasingly relies on technology, so awareness of looming threats is paramount. Cyber threats can take several forms – phishing scams, ransomware attacks, identity theft and data breaches – with each having the potential to devastate their victims.
Sometimes, it’s human nature to let our eyes glaze over when confronted with complex subjects like cybersecurity. Trying to digest unfamiliar terminology, reports of significant data breaches, and how cyber threats are continuously changing can be overwhelming. But cybersecurity doesn’t have to be insurmountable. It’s an achievable goal, even for those who aren’t tech-savvy. By breaking down the fundamental principles and staying informed, you can enhance your digital safety.
Here, we aim to shed some light on current cyber risks and provide practical insights for strengthening your digital defences.
Cyber Security Awareness Month
Cyber Security Awareness Month emphasises the importance of good cyber hygiene, serving as a reminder to safeguard your data and devices all year round.
This year’s campaign slogan was “Be cyber-wise, don’t compromise.” And the message is relevant all year round.
In Australia, individuals and businesses report cyber incidents to the Australian Signals Directorate (ASD). The ASD is a statutory agency that provides a single point of advice and support on cyber security through its sub-department, the Australian Cyber Security Centre (ACSC).
Beyond the ever-present warnings to be aware of phishing scams and be careful when clicking links in emails or opening attachments, even unsophisticated users can bolster their online security by implementing basic practices.
The ACSC urges Australians to follow these four straightforward actions:
- Keep your devices up to date,
- Enable multi-factor authentication,
- Create backups of crucial files and
- Employ passphrases and password managers for enhanced security.
Experts say a strong password should be unique, at least 16 characters long, and complex – including numbers, letters and special characters. It is also imperative that you do not use the same password for different accounts and systems.
The ACSC’s push for companies to review and improve their business’ cyber security comes at a critical time. Cyber security has become the most significant operational challenge for firms in 2023, according to cyber security solutions provider AU Cloud, services form LexVeritas and the Australasian Legal Practice Management Association, ALMPA.
The organisations paired up to release the 2023 State of Cyber Security Report earlier this year. The report reiterated that the legal industry is the fourth most targeted industry for cyber criminals and that the most common form of attack is email phishing. It also found that 34 per cent of law firms don’t have a sufficient cyber incident plan.
Strengthening our digital defences
Attwood Marshall Lawyers is an ACSC Business Partner, which means we receive targeted guidance and timely information from the ACSC to help us keep our systems and networks secure.
We joined the program because the cyber security of our business, our customers and our suppliers is extremely important to us. We consistently monitor and revise our security policies to ensure we do our best to prevent cyber fraud.
On top of targeted guidance, Business Partners receive a monthly newsletter and a subscription to ASD’s ACSC Alert Service, which informs Australians of the latest threats and vulnerabilities and how to address risks to their networks.
The ASD also offers several programs for businesses, including exercises to enhance their cyber security resilience. Its “Exercise in a Box” tool, for example, allows businesses to assess their cyber security practices by having employees respond to simulated ransomware attacks or other cyber threats on their network. Participants can delve into scenarios like dealing with ransomware attached via a phishing email, responding to mobile phone theft or managing risks linked to third-party software or home and remote working.
The idea is to focus on practical skills by testing cyber incident responses and then advising the company to improve its practices.
By diligently following established procedures and familiarising yourself with cybersecurity protocols, every person working with technology is essential to online security.
Attwood Marshall is committed to becoming “Essential Eight” compliant by the end of 2024. This means that we will fulfil the requirements released by the government to remain cyber-safe for our staff, our clients and the community. We recommend that all our clients who own or run small businesses look into the Australian government’s “Essential Eight” risk mitigation frameworks. You can learn more here: https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight
Attwood Marshall Lawyers – Our top priority is cyber security
In addition to joining the ACSC program, Attwood Marshall Lawyers has partnered with one of the country’s top IT Security providers, Sentrian, who deliver world-class protection. We use the market’s best practice management software and property transaction programs, ensuring our lawyers follow strict protocols when handling sensitive information.
We are connected to our IT providers 24/7 to be able to identify and respond to any cyber security threats promptly.
If you ever receive suspicious communications that appear to be sent by Attwood Marshall Lawyers, but you are concerned about clicking a link, or if the communication is authentic, please get in touch with us immediately. Our team will be able to confirm any communication our staff has sent and advise of the best action. Please call 1800 621 081 or email firstname.lastname@example.org any time.