The most respected legal firms in the country didn’t get where they are because of their cyber security prowess. But as recent incidents suggest, a strong cyber defense has become a critical part of maintaining a law practice and protecting highly sensitive client data.
Recent reports show that several top law firms – including Cravath Swaine & Moore LLP and Weil, Gotshal & Manges – experienced major network breaches last summer. Although the exact purpose of these breaches remains unclear, federal investigators suspect that hackers may have been seeking data to inform insider-trading activity.
After these incidents were disclosed, hackers made nonspecific posts threatening additional attacks on other law firms. And judging by the trends in black hat hacking over the past several years, legal practices should take these threats seriously.
The high-profile intrusions on law firms follow an increasingly apparent pattern: Cyber criminals have begun to diversify with regard to the industries and data types they target. Retail chains and financial firms, with their large repositories of credit card data, will always interest hackers. However, organizations in other trades often use much less sophisticated data protections, and the types of information they store can be highly valuable on the black market.
Data stores house trade secrets, business transactions and personal information, and that’s what puts law firms on hackers’ radar screens. And unlike finance and retail chains, most legal practices haven’t developed cyber security arrangements that keep them sufficiently protected.
How can legal firms start to build a better security system? Or more to the point, how can they do this affordably without losing focus on the core business? An important first step is to develop a plan that’s specifically focused on the kinds of data you need to protect your organization and the resources you use. That means taking a little time to understand the privacy and security risks associated with practicing law and taking stock of your firm’s vulnerabilities. That way, you can understand the scope of the problems you must address, then take focused measures to solve them.
Lunarline can help your law firm get up to date with your cyber security needs. We understand the legal profession and have tailored our services to address the industry’s need. A great place to start is joining our course on privacy for legal personnel, offered through the Lunarline School of Cyber Security. You also can contact us online, call us at 571.481.9300 to discuss your cyber security needs, or visit Lunarline.com.