Think Only Big Law Is Targeted By Cyber Attacks? Think Again
Your small law firm may have big IT security issues. Cyber criminals are increasingly interested in what your firm has; the data and intellectual capital of your clients.
Could your small firm serve as the unlocked back door to corporate trade secrets or confidential financial data? Consider this:
– The ABA says one in four law firms have experienced a data breach.
– In a 2015 report, only 34% of the firms with 10-49 attorneys had a cyber security plan in place. For firms with 2-9 lawyers, only 20% say they’re prepared.
– The same survey cited the increasing use of personal digital devices like smartphones to remotely access internal server networks at firms both large and small.
The legal profession is gradually coming to understand that the biggest risk to business is actually the vulnerabilities inherent in our unprotected cloud-based infrastructures. Each of the Wi-Fi connected devices you handle becomes a potential conduit for thieves to access client data.
Unless we take steps now, small firms could create big damage. Some tech consultants say 80% of all law firms have been hacked and the other 20% either don’t know or won’t admit that they’ve had a data breach.
Managing The Risk Around Cyber Theft
The ABA’s Cybersecurity Task Force calls for an increasingly robust response to this issue from the legal community and has been pushing for funding for the court systems at all levels to step up efforts to protect electronic data. In 2014 they urged private and public organizations with mission-critical infrastructures to improve their cybersecurity efforts.
This is solid advice whether your firm has one attorney – or 100. Small law firms have big targets on their backs because hackers understand they usually lack dedicated IT support teams to help safely manage and store data. At minimum, all firms should be shoring up firewalls, adding intrusion detection systems, improving the frequency and storage of data backups and utilizing a document retention strategy.
This does not mean storing your data on a free or inexpensive cloud-based holding tank like Google Drive or Dropbox, which can spoil critical metadata. Finding providers geared specifically for the legal profession will be key to the security of your information. No matter the size of your firm, you have both an ethical and legal obligation to protect client confidentiality.
These days many of the threats to this revered legal covenant are spawned through the cloud — and the very technology that has greatly improved communication and the eDiscovery process for law firms.
While the industry has been discussing the problem for the past four years, it is often conservative in its approach to adapting our methodologies to fit the latest in cyber threats.
Combating a Small Law Firm Cyber Attack
Have the perceived costs of adding cyber security measures to your small firm been keeping you from responding to these threats? If so, ask yourself if you can afford the ramifications of a security breach.
To find out how your small firm can stay on top of these challenges, download the Guide to Keeping Your Firm Safe From Cyber Security Threats ebook.