Why legal firms must get on top of cybersecurity
The legal sector is critical to the running of the economy and society. Whether it’s overseeing a business deal, property conveyancing, managing civil rights proceedings or representation in criminal cases, the law and its wide ecosystem is a form of critical infrastructure.
That means it should be a concern that the legal sector is relatively immature in terms of cybersecurity. One third of law firms have no incident response plan, despite 62 per cent estimated to have been the victim of a cyberattack in 2015.
The most common types of attacks are spear phishing, whaling and email fraud. But the insider threat from malicious individuals is a growing concern for the legal and other sectors.
The huge amounts of information and data that law firms hold are a big draw for cybercriminals. This includes information on litigation, mergers and acquisitions, trade secrets, intellectual property, financial details (corporate and personal clients), and personal details of divorces, pre-nuptial agreements, adoptions and paternity.
When law firms have been breached, the results have been hugely damaging for clients and firm reputations alike. Just think of offshore law firm Mossack Fonseca and the 2016 leak of 11.5 million files that made up the ‘Panama Papers’.
In addition to the loss of information itself, firms face a loss of trust. A legal firm that can’t safeguard its client data will lose the clients it has and struggle to attract new ones. Just as damaging (if not more) is the prospect of liability claims against firms deemed to have been at fault.
Consequently, it has grown imperative for law firms to be able to achieve better visibility about what is happening across their systems and to understand how data is being stored, accessed and used.
Today it’s a matter of ‘when’ and not ‘if’ a perimeter defence will be breached as increasingly sophisticated cyberattacks bombard organisations of all kinds. This means effective detection and response technologies have become essential.
Next-generation security information and event management (SIEM) provide a complete picture of security-related activity across networks. A SIEM solution should be complemented with user and entity behaviour analytics (UEBA) to quickly detect and respond to unusual network activity and flag it for investigation or automatically contain it as a potential threat.
Just as important, a law firm’s security culture needs to be strengthened through effective and ongoing training, communication and monitoring. This should be a priority, not just a yearly box-ticking exercise.
One firm to have taken steps to make its cybersecurity capabilities fit for purpose is EMW Law. With the security and privacy of clients of upmost importance, EMW realised there was a need to implement more centralised logging and alerting capabilities to be able to quickly and easily mitigate potential threats.
Using the LogRhythm platform to correlate all network activity, the firm, which specialises in commercial law and has 175 employees across offices in London and Milton Keynes, was able to view its entire security landscape via a single pane of glass.
Previously, the IT team was manually identifying vulnerabilities or threats, which was putting a strain on their time and resources. The company was also failing to make the most of its security intelligence tools, which were composed of separate systems working independently of each other.
The LogRhythm platform brought these tools together and made the process of detecting threats much easier. The system generated around 50 security alerts each day, which showed the extent of the potential threats faced.
EMW found LogRhythm provided a means for the security team to investigate alerts immediately, improving the chances of halting an attack before any damage was done. It also saved the security team a significant amount of time, meaning they could focus on other priority areas.
All law firms need to make sure their cybersecurity is fit for purpose. The technology to provide the necessary level of visibility and speed of detection is out there, but only by acknowledging the risks and taking action can law firms protect themselves as they should. In the battle against advanced threats, the defence should never rest.
Visit us at Legalex stand 700 to discuss your cybersecurity requirements.
By Lewis Slaney, LogRhythm