Law firms possess a tremendous volume of valuable documents and data, which are extremely attractive to hackers of a variety of motivations. Successful cyber-attacks can damage a firm’s operations and reputation.
According to the 2020 ABA Legal Technology Survey Report, the number of law firms experiencing a known security breach increased to 29 percent in 2020. The survey notes that “despite the ethical issues and pending challenges, the use of certain security tools remains at less than half of respondents,” and only 36 percent of the respondents have committed to cyber insurance policies.
This paper seeks to help all organisations and institutions, not just law firms, better understand the threats they face and why they should work toward better cyber hygiene, and a more proactive incident and threat management strategy.
Aniket Bhardwaj reviews why law firms are attractive cyber targets and how compromising these firms is a high priority to threat actors. He also defines the concept of “cyber hygiene” and shows why it is critical to maintaining IT security best practices.
Bhardwaj examines notable cybersecurity thefts and leaks in recent years and the easily avoidable weaknesses that led to these unfortunate events. Finally, he highlights key tactics for building a robust incident and threat management program.