The premise of my book, Cybersecurity for the Home and Office: The Lawyer’s Guide to Taking Charge of Your Own Information Security, is simple—give readers knowledge so they can take charge of their own cybersecurity to protect themselves, their family, their workplace, and their clients from the myriad threats we all face. It seems as if I only recently submitted my proposal to write the book for the ABA, yet somehow a year and a half has gone by, and seeing it for sale is a thrill. It proved more work than anticipated, but the intense effort plus extensive feedback from editors and readers has resulted in a comprehensive guide.
Technology may change rapidly, but we still need to protect ourselves. We already take precautions in other areas that have become second nature, such as locking our doors at night, putting on seat belts, and following the rules of the road. We need to extend this to our computing devices and data, and when we learn and implement sensible measures, we not only protect ourselves but we even can become more efficient. Cybersecurity is no longer an option—lawyers have responsibilities they must live up to. Further, clients face similar risks that we do, so a knowledgeable lawyer can better advise clients.
Chapter 1 explains the book’s relevance for the reader and introduces some important security measures. Chapter 2 gives an understanding of the cybercrime threats because understanding Internet crime and its many participants allows us to exercise common sense when deciding about cybersecurity measures. Blindly following—or ignoring—various cybersecurity rules is not optimal. Chapter 3 explains the threats to your personal privacy, including how corporations and advertisers want to learn about you, track you, and store data about you. The chapter also shows how cybersecurity and privacy are intertwined.
Chapter 4 explains information security principles, putting the most important concepts into understandable language that will allow you to apply them in your home, in your office, and for your clients. I hold a certification in information security, which took considerable study to achieve, and this chapter benefits from this effort. The next chapters benefit from my learning toward several IT certifications.
Chapters 5 and 6 teach how computers, networks, and the Internet work. Our computing devices may seem like mysterious and impenetrable black boxes, but they are made up of understandable, discrete components. Learning the parts of a computer helps to demystify it and helps us to operate and secure it. Understanding networking and Internet addressing is also helpful—they are the highway to our data and also the path criminals use to get to us. To parallel these chapters, I created a website that includes photos that could not be included in the book.
The first half of the book provides a solid understanding that underpins the implementation of security measures covered in the second half. This is analogous to what car owners and drivers should understand, including collision risks, basic components of a car (engine, transmission, brakes, seat belts), traffic laws, and even principles of physics relevant to keeping the car under control and on the road. Although the first half of the book gives readers brief instructions about what security measures to implement, details on securing oneself are reserved for the second half.
Chapter 7 starts the process of securing the reader, providing an introduction to the basic measures that should be implemented. From there, the book systematically proceeds through the securing of computing devices (Chapter 8), data and cloud accounts (Chapter 9), and networks and Internet use (Chapter 10). This triad—devices, data, and network—is a helpful way to conceptualize, organize, and prioritize cybersecurity for anyone, whether an individual, firm, or business.
Having finished Chapter 10, the reader has crested the hill, absorbed and applied considerable knowledge to protect self and home. Chapter 11 focuses on children and seniors, who face special challenges relating to technology and security. Then comes Chapter 12 about travel and staying secure when leaving the home. Chapter 13 is devoted to securing the office, which means applying what you have already learned to your work space, which has different risk factors and often involves a separate location, co-workers, and other considerations.
A book from and for lawyers would not be complete without copious footnotes and citations, which Chapter 14 provides. More importantly, it gives a helpful overview of professional responsibilities, the law, and cybersecurity frameworks. Finally, Chapter 15 contains troubleshooting guides for a host of technical, cybercrime, and cybersecurity issues that you or your clients might encounter. At the back of the book are appendices on a variety of topics to help you assess yourself, set your “cybersecurity dial,” and safely dispose of your computers and the data within them, along with fill-in-the-blank forms to help you secure your devices, data, and networks.
The book is sprinkled with numerous interesting vignettes that emphasize certain principles. These stories include references to Battlestar Galactica, Better Call Saul, and the times I left a full cup of coffee on the roof of my police car, almost knocked myself down a flight of stairs, and pocket-dialed my brother a dozen times. I’ll leave you to speculate on their relevance to the book, and they are distinctly formatted as boxed text so a hurried reader can bypass them if desired.
That is the basic summary of my book, about which I admit a lack of impartiality. Undeniably, it represents a significant amount of work from myself, the editors and readers, and the ABA, having gone through many painstaking revisions. Of course, everything can be improved, so I welcome constructive feedback to be incorporated into the next edition.
Cybercrime is a multi-billion-dollar-a-year criminal industry whose participants have little fear of law enforcement, and incidents of cybercrime and cybercrime-related identity theft continue to grow. Cybersecurity is also a rapidly growing industry, which can mean a barrage of conflicting information directed at the consumer. Technology and the Internet are here to stay, along with cybercrime and privacy threats, so we need to protect ourselves, our families, and our clients. Cybersecurity is not “one-size-fits-all,” nor is it the exclusive province of “experts” and providers of security products and services. Instead, it is for you to learn about and make your own decisions.
Cybersecurity for the Home and Office will teach you how to improve cybersecurity for yourself, without any costly services or products. The time invested now can make your computing experience more efficient and productive, while also preventing an expensive disaster. It will help you take charge of your own technology, cybersecurity, and privacy.
Cybersecurity for the Home and Office: The Lawyer’s Guide to Taking Charge of Your Own Information Security
By John Bandler
Product code: 5450076
2017, 416 pages, 6 x 9, paperback