Author Archives: Stacey Ivol

The Extra Benefits You Get as a Client of Integrity First Corporation

Posted on by

I wanted to take a moment to share something important with you: the additional benefits you receive as a valued client of Integrity First Corporation.

Today, I’m not discussing policies or coverage–Instead, I’d like to highlight the exclusive resources and value-added tools available to you as part of the Integrity First community. These tools are designed to streamline your processes, enhance risk management, and keep you informed and empowered.

1. Your Personal, Secure Client Portal

One of the best perks we offer is access to our secure client portal, built on Citrix ShareFile with state-of-the-art encryption. With this portal, you have 24/7 access to your policies and applications, 365 days a year.

You can:

  • Create your own username and password
  • Send and receive encrypted emails
  • Upload documents directly to me
  • Complete and forward renewal applications with just a few clicks

It’s a sleek, secure, and incredibly helpful tool. If you’re not using it yet, I highly encourage you to log in and see how it can simplify your policy management.

2. Bi-Weekly Risk Management Emails

Every two weeks, we send out valuable emails to all of our clients. These include:

  • Risk management tips
  • Updates on emerging trends in legal malpractice
  • Articles on what to watch out for in cybersecurity and professional liability

Our goal is to keep you ahead of the curve so you can protect your practice with confidence.

3. Educational Videos

In addition to email updates, we also create and share short videos every couple of weeks. These videos cover topics like:

  • Legal malpractice insurance insights
  • Cyber insurance essentials
  • Tips for completing your insurance applications correctly
  • Industry news you need to know

We keep things practical and relevant — no golf stories, I promise! Just actionable content to help you stay informed.

4. Free Webinars and Live Events

We regularly host free webinars featuring expert speakers in legal malpractice and cyber liability. These webinars often come with CE credits, so not only are they educational, but they can also help you fulfill ongoing education requirements at no cost. Be on the lookout for announcements via email — they fill up quickly!

5. A Wealth of Resources on Our Website

Our website is a hub of valuable information. It’s home to every single video we’ve created — over 150 and counting! You can browse, watch, and learn at your convenience. We also have articles, risk management resources, and tools designed to help you navigate complex insurance topics with ease.

When you become an insured client with Integrity First Corporation, you gain access to so much more than just insurance coverage. We’re here to support you, educate you, and make managing your professional risks as simple as possible.

If you’re not already taking advantage of these resources, I encourage you to start today! Log in to your portal, check out our latest video, or register for an upcoming webinar.

Multi-Factor Authentication: A Stronger Defense for Your Cybersecurity

Posted on by

Welcome to Week 4 of Cybersecurity Awareness Month! As we continue to focus on protecting your digital assets, it’s time to discuss one of the most effective methods to secure your accounts—Multi-Factor Authentication (MFA). By adding multiple layers of defense, MFA helps to ensure that only authorized users can access your sensitive data.

What Is Multi-Factor Authentication (MFA)?

Multi-Factor Authentication (MFA) is a security measure that requires users to provide two or more verification steps to access an account. Think of it as an extra lock on your digital door. Even if a hacker manages to steal your password, they still need to pass through another security checkpoint to gain access.

How Does MFA Work?

MFA typically comes into play after you’ve entered your password. To complete the login process, you’ll need to provide additional proof of identity. Here are some common types of MFA verification methods:

  • An extra PIN: A four- to six-digit code that you must enter in addition to your password.
  • Security questions: Pre-set questions that only you should be able to answer, like your mother’s maiden name or the name of your first pet.
  • Code sent via email or text: A temporary code is sent to your phone or email, which you must enter to proceed.
  • Biometric scan: This could be a fingerprint, facial recognition, or even voice recognition, ensuring that only you can access your account.
  • Authenticator app: These apps generate a unique number every 30 seconds, which you use to verify your identity.
  • Secure token: A physical device like a key fob that generates a code, providing an extra layer of security.

Why Should You Use MFA?

In a world where cyber threats are constantly evolving, relying solely on passwords is no longer enough. MFA significantly reduces the risk of unauthorized access by adding an additional barrier that hackers must overcome. It’s especially crucial for protecting sensitive information such as financial data, client records, and other confidential materials.

By adopting MFA, businesses can ensure better data protection for their clients and themselves. This simple yet effective security measure helps prevent breaches that could lead to identity theft, financial losses, and damaged reputations.

Take Action Today to Protect Your Business

Cybersecurity is not just about having strong passwords; it’s about adding multiple layers of protection. By enabling MFA, you take a proactive step toward securing your digital environment. Start enhancing your firm’s cybersecurity with these layered defenses and stay ahead of potential threats.

And if you’re looking for additional ways to mitigate your risk, consider cyber liability insurance. It’s a crucial safeguard for businesses in today’s digital age. For more information, give us a call at 412-563-2106.

Strengthen your defenses and keep your data secure—because in the digital world, a little extra protection goes a long way.

Cybersecurity Awareness Month: Strengthen Your Defense with Fresh Updates

Posted on by

In today’s rapidly evolving digital landscape, cybersecurity requires constant vigilance. One critical step that’s often overlooked is keeping your software up to date. As we enter Week 3 of Cybersecurity Awareness Month, let’s shine a light on why software updates are essential for maintaining a strong digital defense.

Why Software Updates Matter for Your Security

Software updates are like fresh defenses in the ever-changing battlefield of cybersecurity. Much like a lawyer reviewing the latest case files to stay sharp, updating your software ensures that your security strategies are current. These updates contain patches that protect against newly discovered vulnerabilities. Without them, your system becomes an open target for cybercriminals looking to exploit any weaknesses.

The Risks of Outdated Software

Cybercriminals are always on the lookout for outdated software, which is more vulnerable to attacks. When you neglect to update, you’re essentially leaving the door open for hackers. Whether it’s your operating system, browser, or any application, outdated software creates gaps in your defenses that can easily be breached. By keeping everything up to date, you close those gaps and ensure your system is fortified against the latest threats.

The Importance of Trusted Sources for Updates

Not all software updates are created equal, and it’s crucial to download them from legitimate, trusted sources. Using unlicensed or hacked versions can introduce malware into your system, creating more problems than they solve. Always ensure you’re updating from official websites or platforms to avoid unintentionally weakening your cybersecurity.

How to Stay Ahead: Enable Automatic Updates

A simple way to never miss an important update is by enabling automatic updates. This feature ensures your software is always running the latest version, equipped with all necessary security patches. With automatic updates enabled, you won’t have to worry about remembering to manually update your software, and your system will stay protected.

Final Thoughts: Keep Your Defenses Strong with Regular Updates

In the world of cybersecurity, staying up to date is a key part of maintaining a strong system defense. Think of software updates as a routine check-up for your digital health. By making them a priority, you’ll ensure your defenses are ready to face any new threats. Stay vigilant, stay updated, and stay secure.

Cybersecurity Awareness Month: How Strong is Your Password?

Posted on by

Welcome to another exciting week of Cybersecurity Awareness Month! This week, we’re diving into the essential topic of password security. Imagine your password as your first line of defense in the courtroom of cybersecurity. It needs to be strong, unique, and hard to crack.

Why Password Strength Matters

Hackers often break into accounts by guessing or stealing weak passwords. Using the same password across multiple sites is like using the same defense strategy in every case—it makes you vulnerable. Protecting yourself starts with using strong, unique passwords.

Tips for Strong Passwords

  1. Length and Complexity: Ensure your password is at least 12 characters long. Mix it up with upper and lower case letters, numbers, and special symbols.
  2. Uniqueness: Each account should have a different password. This way, even if one account is compromised, others remain secure.
  3. Use a Password Manager: Can’t remember all your passwords? A password manager is your best friend. It’s like having a legal assistant who organizes all your files for you. It safely stores your passwords, generates strong ones, and ensures you don’t have to memorize them all.

Our Recommendation: KeePass

Here at our office, we use KeePass. It allows you to create, save, and search for passwords easily. KeePass can help you maintain that strong defense system by managing your passwords efficiently.

Remember, protecting your accounts starts with building a robust defense. Make your password fortress unbreakable!

Stay safe and secure online, and join us next week for more cybersecurity insights!

Defend Your Inbox: Recognizing and Preventing Phishing Scams This Cybersecurity Awareness Month

Posted on by

As October unfolds, it’s time to focus on a crucial aspect of our digital lives: cybersecurity. October is Cybersecurity Awareness Month, a perfect reminder to fortify our defenses against cyber threats. Whether you’re working in the office or remotely, the security of your personal and your firm’s data is paramount.

Just as you would build a solid legal case, constructing strong cybersecurity defenses is essential. Throughout this month, we’ll delve into strategies to keep you ahead of cybercriminals. Our focus areas include recognizing phishing attempts, using robust passwords, keeping software updated, and enabling multi-factor authentication (MFA).

Phishing emails are a prevalent method used by cybercriminals to infiltrate your inbox. Alarmingly, almost half of social engineering attacks are phishing-related, and a staggering 98% occur through email. However, these emails often carry signs that make them detectable.

Here’s how to spot a phishing email:

  1. Too Good to Be True Offers: If an email offers something unbelievable, like winning a contest you never entered, be skeptical.
  2. Urgent or Threatening Language: Emails that use alarmist language might be phishing attempts.
  3. Suspicious Email Addresses: Verify if the sender’s email matches the company it claims to be from.
  4. Requests for Personal Information: Never send personal information or click on unfamiliar links.

When in doubt, report suspicious emails to your IT team immediately. Your swift action could prevent a severe data breach, much like stopping an argument before it escalates.

Stay vigilant, and remember, your proactive defense is crucial to your firm’s security. Let’s work together to make this Cybersecurity Awareness Month a success!

Be prepared against cyber attacks

Posted on by

In the past 4 weeks, we have covered multiple cyber security exposures that are common to law firms, including:

We have also covered how to minimize the risk associated with them.

However, they all have one thing in common…a human element, which is almost impossible to safeguard 100%.  About half of all data breaches happen due to some type of human error.

This is why we recommend purchasing cyber liability insurance.

Cyber liability insurance provides a combination of coverage options and services to help protect businesses against data breaches and other cyber events as well as help to recover quickly if an attack does take place.

This insurance can help cover the costs associated with an attack or breach, such as:

  • Lost income due to cyber event
  • Customer notification 
  • Data recovery
  • Damaged computer repair
  • And more!

Law firms use multiple types of technology that face cyber risk.  As this tech becomes more complex, so does the risk that comes with it.  This is why every business should be prepared with a cyber security plan/training as well as cyber liability insurance to help mitigate the risk.

Let INF help place you with the best cyber liability carrier for your firm’s needs.  To get started, give us a call at 412.563.2106 today.

Do you have multi factor authentication to verify your identity…because 44% of businesses don’t

Posted on by

Because October is Cyber Security Awareness Month, we thought that we would take the next few weeks to highlight cyber security exposures that are common to law firms.

Did you know that 44% of businesses don’t use multifactor authentication?

Your question back to me might be – What is multifactor authentication and why would I need it?

Multi Factor authentication or MFA is a security method that needs a user to use two or more authentication factors to prove who they are before they can use an organization’s network, check their email from a remote location, or use privileged or administrative accounts.  It helps make sure that you are who you say you are.

The most common use of MFA is when banks or credit cards require you to input a password as well as a code that they email/text/call you with.

MFA should be used by law firms with email accounts as well as accessing any network remotely.

In fact, according to Microsoft, 99.9% of account compromise attacks can be blocked by MFA!

Most email products as well as system access software have MFA built in, so be sure to enable and protect your data!

Questions about risk mitigation for this exposure?  Call us at 412.563.2106.

Next week, we will talk about how to protect your firm against multiple exposures!

Check to see if your email/password combination has been exposed in a recent data breach

Posted on by

Because October is Cyber Security Awareness Month, we thought that we would take the next few weeks to highlight cyber security exposures that are common to law firms.

This week’s topic – Passwords!

Did you know that there is a website that you can go to check to see if your email/password combination has been a part of a data breach?  It’s called “Have I Been Pwned?” and you can access it here: https://haveibeenpwned.com/

It contains over 12 BILLION username/password combos that have been exposed in recent hacks.

Go to the site and enter your email address to see if you have been exposed.  If so – change your password immediately for the account that was hacked.

Want to create a good password?

Try using these 7 criteria:

  • 12 characters or more in length
  • Contains an uppercase letter
  • Contains a lowercase letter
  • Contains a number
  • Contains a symbol
  • Does not contain real words that could easily guessed by a dictionary attack
  • Hasn’t been used before as a password by your email address

Need help remembering each unique password?  Invest in a password manager, like 1Password or KeePass.

Questions about risk mitigation for this exposure? Call us at 412.563.2106

Next week, we will discuss multi factor authentication!

Do you know about the email wire fraud scam affecting lawyers and law firms?

Posted on by

Because October is Cyber Security Awareness Month, we thought that we would take the next few weeks to highlight cyber security exposures that are common to law firms.

This week we wanted to talk about wire fraud.  Despite the fact that wire fraud scams target a wide range of professionals, attorneys who handle real estate transactions and/or wire money are particularly at risk.

Lawyers should be aware of any fraud schemes that could cost them and/or their clients hundreds of thousands of dollars if they transfer money to or on behalf of clients. The Federal Bureau of Investigation (FBI) estimates that scammers have stolen up to $1.33 billion just in the United States.

Here’s how the scheme normally works:

  • The scammer will gain control of an email account from at least one of the parties in a transaction.  Typically that transaction will be in real estate.  They will use this access to gain details.
  • The scammer will send a set of emails that appear to be legitimate discussing the details of the deal to build trust
  • Then, the scammer will send wire instructions OR make changes to a previously supplied set of instructions
  • The scammer will say this matter is “urgent” and that everything “needs to be done today”.  This is so the normal set of checks and balances will be bypassed, thus eliminating the normal scrutiny requests like these should get
  • Then, the attorney would unknowingly wire the money to the scammer’s account and the scammer will typically move that money immediately to an overseas account so it cannot be stopped

There are a few ways that attorneys can prevent wire fraud – 

#1 – Be hyper-vigilant

First, attorneys should be on the lookout for wire fraud scams and be skeptical whenever money is being wired to finish any kind of transaction. Wire fraud scams that use emails can involve anyone in a transaction, from someone the attorney has worked with for 40 years to someone they have only met briefly for one transaction. Because of how email works, it is much easier to hide a person’s true name through email than over the phone or in person.

#2 – Use a second authentication factor

Use a phone call as the second authentication factor to easily check on all wire transfer requests.

Before any money is moved out of the law firm for a transaction, an attorney can find out about most possible fraud scams by calling the person who is supposedly sending the email. Attorneys should always use the contact information they already have for the person instead of the information in the email, which could be fake. Lawyers can also call someone else at the company. The main point is to do something outside of the email chain that could be hacked.

#3 – Be skeptical of last minute changes

Be careful when a party in a deal suddenly changes how they usually do things. This could mean moving money to a different account, using a personal email address instead of a work one, or talking to someone else at the company. All of these things could be signs of a possible scam. 

Questions about risk mitigation for this exposure?  Call us at 412.563.2106

Stay tuned for next week where we will send you a website where you can check to see if your email/password combination has been exposed in any major hack.

50% of all businesses are worried about ransomware – are you?

Posted on by

Because October is Cyber Security Awareness Month, we thought that we would take the next few weeks to highlight cyber security exposures that are common to law firms.

A common question that we hear from our insureds is – What is ransomware and can it affect me?

Ransomware is a type of harmful software (also known as “malware”) that online thieves use to access a victim’s network. Typically, this happens via a download by an employee that was tricked.  Once they are into the system, they’ll encrypt it so you can no longer access anything.

Finally, the thieves will demand a ransom, generally in bitcoin, in exchange for the decryption key.

Attackers using ransomware have recently increased their aggressivity, requesting six-, seven-, and even eight-figure ransom payments from organizations. It is more difficult for organizations to recover from such an attack as a result of these criminals deleting backups and, in some circumstances, issuing threats to reveal critical or confidential material.

Can it affect law firms? YES!  In fact, here is a link to an article discussing a ransomware attack that is common to the legal industry: https://www.logikcull.com/blog/maze-ransomware-law-firms

One way to prevent ransomware affecting you is to make sure that your employees are well-trained on spotting suspicious emails and attachments.  This way, they won’t download malicious files.

Another way to prevent ransomware is to make sure that you have a complete backup of your system that can be restored within 24-48 hours.  This will enable you to put your system back up and lose minimal time without needing to deal with the criminals.

Questions about risk mitigation for this exposure?  Call us at 412.563.2106

Stay tuned for next week where we will discuss wire fraud.