Why this book?

Most have neither considered, nor know how “cyber secure” they are. For the majority who are not information technology (IT) professionals, the idea of delving into the technical details of secure computing can create apprehension and confusion. Some people think that if their email system works, and if their documents are accessible, then why bother making any security improvements to their system, which might create complications or cost time and money. Some would prefer not to know the cybercrime risks they are facing, or just haven’t thought about it. Cybersecurity is more, though; it is also about protecting data from risks other than cybercrime, such as unanticipated IT issues, hard-drive crashes, house fires, and other incidents. Beyond security, this book will also provide information to use computers and data more efficiently.

No matter an individual's level of comfort or experience with computers, this book will help recognize when electronic “doors” are open to cybercriminals, and aid in fully appreciating why certain security steps need to be taken. Since cybercriminals are always attacking, trying to steal data or make data unusable, Cybersecurity for the Home and Office: The Lawyer's Guide to Taking Charge of Your Own Information Security will make it easier to understand these risks so a decision can be made as to where to set the “cybersecurity dial” in home and office. How much risk feels comfortable? How sensitive or confidential is your data? Are you safeguarding someone else’s data and confidential information? What is risked, professionally and personally, if data is ever stolen or compromised? Setting the dial too low, may allow for over exposure to threats, but if the dial is too high, frustration may set in with the inconveniences of the security measures themselves.  appendices 1 – 4 offer some assessments and materials to start your thought process about your cybersecurity posture and awareness. Appendices 1 and 2 have short quizzes to assess your current security, awareness, threats, and how home and work cybersecurity are related. Appendix 3 discusses the concept of the cybersecurity dial, where it is set now, and where it needs to be. Appendix 4 covers some common cybersecurity myths.

Cybersecurity is not “one-size-fits-all.” It needs to be what works for each individual. It’s how to decide to evaluate and manage risks. With this book, you can gradually increase your security posture as you learn, by making incremental changes and learning to live with them. For the price of this book, you will learn how to improve your cybersecurity by yourself, without paying anyone else, as this book does not recommend any costly services or products. The time invested now can save from having an expensive disaster later and could make your computing experience much more efficient. By first fixing cybersecurity at home and with personal devices, you will then be able to translate that knowledge and experience to your workplace.

Waiting for the law and other standards to evolve is not the right move, as they will always lag behind the pace of technology advancements. The basic principles and methods to secure yourself are available now to learn and apply them yourself. Technology will continue to change rapidly, but if the basic principles are understood, then sound, ongoing choices to can be implemented and utilized.

You need not become a technology expert; however, you should learn about the serious threats faced, the potential consequences, and the steps that can be taken to mitigate these risks. Technology-related threats and appropriate countermeasures are similar to things you already do in your “brick and mortar” physical life. Learn to secure your computer just as you lock your house’s doors and windows, put on a seatbelt while driving, check your car’s oil level, tire pressure, and stop at red lights. Yes, computers can be complex, frustrating, and confusing, but everyone can learn how to do this.

The author wrote this book for lawyers because they all have personal and work-related information on numerous devices and in various locations. Every lawyer should be aware of the risks of loss or theft of that information, and be ready to react.