The Oklahoma Bar Journal December 2024

the firm’s operations. But if so, it is also probable that your firm would not pay a ransom.

WE CAN’T OR WON’T PAY THE RANSOM

I would predict most of the lawyers reading this would be in the “will not pay” category, whether it is uncertainty, lack of funds, lack of technical expertise in decryption or resistance to funding criminal activities. My goal in this column is to convince those law firms to accept that fact so they can move on to preparing for recovery in the event of an attack. Please read Mr. Sivasothy’s article³ for an excellent brief overview of your next steps, then review your own systems to prioritize what you should do first. It may be that some outside IT consulting help is required.

Let’s take a worst-case scenario: a firm at high risk for an attack. Consider a small law firm with little in-house technology expertise beyond Word and the billing system. They are still running Windows 10 on one computer, even though they know they shouldn’t. The subscription to the online backup service and security services were both accidentally canceled when the law firm’s credit card was compromised, and the person who set those up no longer works for the firm. So what does this law firm do in a high-risk situation? They must first prioritize protecting client data. Before we protect the castle, we must ensure the crown jewels are safe. For emergency triage, there are two broad paths: 1) You subscribe to a secure cloud storage service and move your data there. (Secure, in most cases, means you are paying for it.) 2) You send someone to the local big-box store or go online to buy several portable hard drives – hopefully, one for each computer in the law firm. Then, copy the data onto the portable hard drives. There are instructions, and some drives even include simple software. Unplug the drive when finished. Do not store the drive in the office. Now, you have backups as of that day, and you can decide how often you want to update your backup.

Those are triage plans, which are not intended to be permanent solutions. So let’s discuss building your cybersecurity defenses/recovery systems.

GREAT DEFENSE WINS CHAMPIONSHIPS

Let’s note that preparing for a future recovery from an attack does not mean abandoning your defenses. You will need to maintain a firewall, an antivirus solution, email spam filters (because this will often block email threats, not just advertisements) and mandatory password managers to facilitate everyone using long, secure passwords.
