I am often asked, “How could I possibly know if my law firm is prone to phishing attacks? I feel like I have to wait for something bad to happen in order to assess my risk.” That’s like waiting for a heart attack before getting your blood pressure and cholesterol checked! There is one easy (actually, free) way to assess how phish-prone your law firm is: phish it! Knowing this benchmark, this vital sign, is the first step in security awareness training for law firms.
Knowing your phish-prone percentage is like knowing your body’s vital signs. They allow you to change your habits, protect yourself, be proactive.
Luckily, it’s not hard to get a baseline on your law firm’s phish-prone percentage. (That’s lingo for “how many people in your firm will click on nefarious emails and let the bad guys in?”) Our partner, KnowBe4, has a free tool that you can easily launch to get your baseline phish-prone percentage. Once you have that number, you can share it with your managers to help them understand that the patient (your firm) is in dire need of intervention.
The free tool is called the Phishing Security Test and all you have to do is let me know via email, phone or Calendly that you want to open a free account. Then you add your users to the tool and launch a test. Within a few hours, you will have your results.
On average, KnowBe4 has found that law firms and corporate legal departments are around 28% phish-prone without any security awareness training. After three months of training, that number drops to around 15%, and after a year of training, it drops to about 5%.
If you are a firm with 250 employees and 28% of them click nefarious emails, that means 70 people are opening your firm up to hackers. That is a humongous hole in your security system.
New-School Security Awareness Training for Law Firms
Old-school security awareness training typically involves one annual training that is more “death by PowerPoint” than actual training. KnowBe4 has developed “new-school security awareness training,” with an array of engaging, interactive content, including videos, games, newsletters, and posters.
But the real wizardry at KnowBe4 is in the thousands of phishing templates available for phishing tests. As your training progresses and your phishing tests keep dropping, you’ll be able to see your most frequent offenders (assign them more training) and celebrate as your overall phish-prone percentage plummets.
All of this results in reduced malware infection, reduced data loss, reduced cyber-theft, and increased productivity.
KnowBe4 Security Awareness Training for Law Firms
So, once you know your phish-prone percentage, why would you choose KnowBe4 for your security awareness training for law firms? Because, quite honestly, they’re the world’s best.
Forrester Research named KnowBe4 a Leader in The Forrester WaveTM: Security Awareness and Training Solutions, Q1 2020. Using a 23-criteria evaluation, the Forrester Wave report ranks 12 vendors in the security awareness and training market based on their current offering, strategy, and market presence.
KnowBe4 received the highest scores possible in 17 of the 23 evaluation criteria, including learner content and go-to-market approach. I have looked at the competitors and none of them provide security awareness training for law firms that even comes close to the quality (and impact) that KnowBe4 provides.
Also, when you are a KnowBe4 client at any level, your membership comes with unlimited support at no additional cost. (Most other providers charge a premium for customer service.) Also, the KnowBe4 training content is constantly updated and never gets stale. (Have you heard about their award-winning, binge-worthy psychological thriller mini-series, The Inside Man? Check it out!)
Would you like a demo of the KnowBe4 phishing platform? Or would you like to use the free Phishing Security Test? Contact me by email or book a 30- or 60-minute demo on my Calendly. I love introducing people to KnowBe4 because their products literally make people say, “Wow!”