‘Understanding The Risk Is The First Step Towards Reducing It’

With such a heavy reliance on technology and connectivity in our practices today it is no wonder security has become a growing area of concern for us, as in most organisations. Security risks are at an all-time high with the media reporting on new security breaches and threats almost every day, and law firms have not escaped. Not only are there huge legal consequences of a data breach, there are also reputational and financial implications that can have a profound impact on any firm or organisation.

Objectives of this webinar

This session aims to educate us on the most prominent risks that are present in today’s business environment. It is delivered in a non-technical capacity and highlights:

  1. DLP (Data Loss Protection)
  • The importance of data loss protection to an organisations integrity, reputation and financial operation [GDPR]
  • Vendor controls
  • Securing your enterprise email
  1. Ransomware -v- Targeted Ransomware
    • Shift in behaviour from pre-2016 Ransomware attacks to post-2016 targeted ransomware attacks
      1. Phase 1: Recon & Lay dormant
      2. Phase 2: Activate 16-18 months in
    • Social engineering – profiling – spoofing
  1. Threat Intelligence
  • IR & EDR response
  • Data
  • Logs, events, SIEM, data analytics
  1. Phishing
  • Your employees are your first line of defence, educating your employees to protect your organisation
  1. Access Control
  • Protecting your organisation from whom is required and authorized to access your network
  • Segregation of duties and admin controls
  1. Compensating security controls to your estate
  • Controls such as IDS/IPS, Firewall, Security Perimeters
  1. Deception
  • Creating deception within your estate is key


David Cahill is Security Strategy and Architecture Manager for AIB, with 14 years Information Security experience within the Irish financial services space, and in advising on best practices for designing corporate security policies including Cyber Defence, Mobile Device Management and Security Awareness. David is also a committee member of the Irish Information Security Forum (IISF), a non-for-profit group which was established primarily to improve the understanding and practice of Information Security within the business computer user community.

Category of CPD: Regulatory (and/or Management and/or General)*
Duration: 1.1 Hours

* (which you can also use as Management or General CPD if you have already done your mandatory Regulatory and/or Management hours, respectively).

To view this webinar and print your CPD Certificate immediately afterwards, click on Purchase (or on Login if you have already registered and purchased this webinar).

Purchase Login