As technology has become essential to our everyday lives, so too has the need to protect our information from bad actors. This is especially true at legal organizations, where confidential data and documents are handled every day.
A recent Arctic Wolf and Above the Law report found that 39% of respondents had a cyber breach at their firm in the last year, underscoring the need to remain aware and prepared at all times. Phishing and ransomware attacks pose a particular threat, as they can be easily fallen for and have serious financial consequences.
The issue of cybersecurity hit home at ALA HQ earlier this summer, when staff members (and their relatives in some cases) received a text message reporting to be from me asking them to confirm that they received the message. Thankfully, everyone was immediately suspicious that I would be texting their personal phones in the middle of the workday and alerted our IT team, who quickly let staff know to ignore the text, mark it as spam and block the number.
We later discovered that the scammer was looking for people to buy Apple gift cards, under the guise of “staff recognition.” Needless to say, asking staff to buy their own gift cards is not how we recognize employees at ALA. I am grateful that we were able to promptly identify this as a scam and warn the team before anyone put themselves at risk.
Although no one was harmed by this scam, it offered yet another reminder that bad actors are constantly looking for ways to target vulnerabilities at our organizations. Whether it’s by pretending to be an association’s Executive Director or by holding a firm’s valuable data for ransom, these attempts are growing increasingly complex and harder to identify. Industry experts also attest that the rapid advancement of artificial intelligence (AI) will only embolden attackers through deepfakes, AI-generated phishing emails and more.
“A recent Arctic Wolf and Above the Law report found that 39% of respondents had a cyber breach at their firm in the last year, underscoring the need to remain aware and prepared at all times.”
ALA recognizes the considerable cyberthreat that legal organizations face — that’s one of the reasons why we devote an annual issue of Legal Management to ensuring your organization has the knowledge it needs to stay ahead of technology trends and cyber risks. Our Legal Management Talk podcast recently released an episode on layering cybersecurity methods, in addition to past episodes on cyber insurance and how AI can be used in the legal industry.
We’re also making technology and AI a focus of our 2025 Annual Conference & Expo in Nashville, where we’ll devote a half-day preconference program on the many uses, benefits and risks of AI and other technology in legal and what it means for legal administrators. This will be a great opportunity to hear from experts and your peers about the critical role legal administrators play in serving the interests of their organizations.
This Cybersecurity Awareness Month, we should take the opportunity to renew our focus on ensuring our organization’s cyber defenses are robust and up to date. While one day may bring an easily identifiable gift card scam, the next may bring a much more sinister attack that cripples the organization for some time — unless we are prepared. I hope ALA can serve as an essential resource as we navigate the ever-evolving technology landscape and the threats that it presents.
