Cybercrime is still on the rise. The 2022 Verizon Data Breach Investigations Report found a 13% increase in ransomware in 2021  — an increase as big as the previous 5 years combined. 

ransomware action variety over time verizon 2023 Data Breach Report

Though legal professionals have an ethical duty to protect their client’s information, cybersecurity can feel intimidating and overwhelming. The latest ABA TechReport found that 17% of respondents said they had no security policies, and an additional 8% said they didn’t know any security policies. 

Legal Respondents who did and did not have security policies

Our team at Filevine has built industry-recognized, best-in-class information security tools and technology to safeguard your data. But every firm and legal team should dedicate time and attention to building and strengthening their own security policies.

This Cybersecurity Awareness Month, take these 5 quick and easy steps to strengthen your security posture and significantly reduce the risk of a hacker targeting your data:

5 Ways You Can Improve Your Cybersecurity Posture  

1. Enroll Your Legal Software in Two-Factor Authentication (2FA)

One of the simplest ways to strengthen security is to enroll in two-factor authentication for your case management software, email, and mobile service provider accounts. With many forms of 2FA, when you log in to an account, you are sent a time-sensitive verification code on your phone. 

Without 2FA, scammers only need to steal your username and password to access your sensitive information. But 2FA provides an extra layer of security by giving bad actors an additional obstacle.

2. Start Using Biometrics

A password can be guessed, but a thumbprint or facial recognition profile is much more difficult to do so. Where possible, enroll your legal case management software in biometric security for your smartphone or mobile device. A biometric login, which typically uses a fingerprint or facial recognition, is far more secure than a username and password on its own. It’s also a faster way to log in.

The latest ABA TechReport found that about 11% of law firms are already using biometric login to protect their information. 

3. Change Your Duplicate Passwords and Usernames.

With so many accounts to sign into, it’s no wonder that we end up ‘recycling’ the passwords and usernames we can best remember. A 2019 Google poll found that 65% of respondents reuse passwords at least some of the time.

But every time you reuse a password, you make it more precarious. Scammers purchase compromised login credentials from the dark web and then test them on hundreds of websites to find people who reuse those credentials for multiple accounts. Your reused password becomes the skeleton key that opens multiple locks.

Don’t let them find you! Create unique passwords and usernames for each of your accounts. A reputable password manager can help you securely store your unique passwords and usernames so you can still access everything you need.

4. Protect Yourself from Ransomware. 

Ransomware has become more sophisticated in 2023, as attackers use more advanced techniques to steal and extort organizations for their information. According to Zscaler ThreatLabz, some industry sectors have seen triple digit increases in double-extortion attacks, where bad actors steal data and threaten to publish it unless a ransom is paid. Ransomware attacks against service industries, including legal practices, have increased by 56% in 2023. 

Ransomeware attacks against service industries

Prevention is more important than ever.  Regularly patch devices and train all employees to be vigilant. Trust but verify email, calls, and other forms of communication. Filevine frequently helps customers survive a ransomware attack by keeping documents safely in our cloud-platform.

5. Learn How to Use Artificial Intelligence (AI) Safely.

The big legal tech innovation in 2023 is Artificial Intelligence in Legal Tech, or AI. While AI can provide contextual insights and speed up document analysis, it remains a new technology and must withstand the test of time. In June, two Manhattan attorneys were reprimanded by a judge for citing fictitious case law fabricated by ChatGPT. AI is also being used increasingly by attackers to carry out social engineering, phishing, and cybercrime that are increasingly difficult to detect. 

Filevine is very careful to only use trusted information sources to train our AI and protect against external disclosure by using isolated AI engines. Furthermore, we restrict document access so documents stay within our controlled environment and we tightly manage the metadata, search queries and other outputs of the AI to ensure compliance with our high security standards. 


Cybersecurity threats are always changing, and security efforts must be an ongoing process. But these 5 steps are a great place to begin making your information more secure. For support in this evolving landscape, learn how Filevine can help you protect your clients’ information