Montana Lawyer August/September 2024

After that call ended, I just sat there shaking my head wondering why these lawyers never took any steps to try to prevent access to client and firm data should something unexpected, like this break-in, ever occur. Sadly, I have an in kling. Security experts tell me they see this all the time. We live in a crazy cybercrime world, and the crazier it becomes, the more we all look for ways to escape from it, be it dreaming of walking away to sell tapas on the beach, choosing to remain in denial that something bad will ever happen, or ignor ing it because there’s nothing anyone can do anyway. While these are all normal responses when something seems overwhelming, they can also lead to serious trouble if any par ticular response prevents you from taking steps to responsibly deal with the reality of the situation. This is what I believe is behind a failure of a firm to take proactive steps

and do all they can to become as cyberse cure as they can. In all seriousness, I’ve seen it in the eyes of too many. We’ll be talking about things like the use of encryption, of strong passwords coupled with password managers, or even the necessity of conduct ing ongoing cyber security awareness train ing when the willingness and motivation to do something just seems to waft away. Look, I really do get it. As the Borg, an alien race in the Star Trek Next Generation TV series, used to say: “Resistance is futile.” That line hits home for me when I start to think about cyber security because the headlines tell us daily that it’s a losing effort so why even try. But try we must. If the lawyers mentioned above had just taken the single and simple step of encrypting the hard drives of those laptops, the difficult and problematic task of notify ing all clients of the breach, not to mention the potential long-term fallout of having

their own personal identities stolen, could have been avoided entirely. If you count yourself as one of the folks who believe it won’t ever happen to you, feel that ignorance is bliss, believe there’s nothing you can do to prevent it so why bother, or are just counting the days until the dream of getting away can become a reality, all I can say is this. Yes, becoming cyber secure is a pain. Do it anyway. Trust me, the headache that comes with being proactive is going to be far less than the one that comes with being a hacker’s next vic tim. Want proof? The MGM ransomware attack cost the company $100 million so far, and the law suits are just getting started. Oh, and remember this attack started with a simple request to reset a user password, something that a basic cybersecurity aware ness training program could have easily prevented. (mic drop)

AUGUST-SEPTEMBER 2024

25

WWW.MONTANABAR.ORG