When it Comes to Cyber Security, Law Firms Need to Get Serious
If you’re like most law firms, cyber security is an issue that you rarely contemplate. As a professional litigator, it’s your responsibility to win cases.
As client advocate, you’re entrusted with private information on mergers and acquisitions and privy to confidential business strategies that you must not disclose. Hackers know this, which is why Cisco now says that law firms are the seventh leading industry at risk of cyber security attacks.
The legal industry is lagging behind in their efforts to shore up potential holes in cyber security infrastructures. Law firms are now low hanging fruit, easy pickings for the hacker eager to garner confidential intellectual property.
Is Your Firm a Target?
Bloomberg began reporting on this phenomenon in 2012, when Chinese hackers digitally robbed details of a $40 billion buyout of an Australian mining company. Cyber security firm Mandiant confirmed that in the prior year, approximately 80 U.S. law firms faced an IT security incident that put their client’s confidential information at risk.
Law firms have been careful to avoid disclosure of these breeches as they occur, for obvious reasons. In 2015 Citigroup publicly called out the biggest legal names in the industry for their failure to admit what was becoming increasingly obvious: law firms were failing to adapt their IT infrastructures to increasing cyber threats.
Responding to the President’s Cybersecurity National Action Plan, the American Bar Association formed the ABA Cybersecurity Legal Task Force. Their goal is to address the risks spawned by hackers across the world.
One of the tenets of the task force is to share cyber threats as they arise. This is important, but it’s also clearly reactive. While the ABA is taking this threat to the industry seriously, law firms need to be proactive in their approaches to assessing and combating cyber attacks.
When Law Firms Fail to Adapt to Cyber Security Threats
Cyber security is a moving target. The Internet of Things (IoT), comprised of billions of cloud-connected digital devices, has created greater risk for cyber breach in all industries. These risks are incentive for law firms to step up to the evolving threats to cyber security. These dangers are real and can no longer be ignored. In March 2016, The Wall Street Journal broke the story that hackers successfully breached several of the most well respected firms in the nation. The firms represented some of the biggest Wall Street banks and Fortune 500 companies in every industry. Hackers responded to the story by posting their goal — to attack more law firms.
These days, client confidentiality extends beyond the traditional non-disclosure rules of attorney-client privilege. It also encompasses how your IT infrastructure protects sensitive data, from individual client information to corporate trade secrets. Failing to respond proactively to the growing risk of law firm cyber security will put you – and your clients – at greater risk.
Developing a proactive strategy for law firm cyber security is a necessity for the legal industry. To get started, download our Guide to Keeping Your Firm Safe From Cybersecurity Threats.