Data breach headlines are typically dominated by reports of stolen personally identifiable information, protected health information, Social Security numbers and credit card data – so basically any information that can be quickly sold on the Web to identity thieves. But the less-told stories are of hackers going after more nuanced intelligence such as intellectual property and financial details about corporations.
While there are a number of industries that house these higher-level resources – such as financial firms and government agencies – hackers are just as liable to perpetrate cyberattacks against organizations in the legal industry. Unfortunately, many law firms may be woefully unprepared to defend their networks.
Why law firms?
A casual observer of current events might be shocked to learn that the legal industry is waist deep in a cesspool of cybercrime. According to data gathered by Bloomberg Business, an estimated 80 percent of the 100 largest law firms have been breached to some degree. The American Bar Association noted that 25 percent of all firms with 100 or more attorneys have been hacked. It begs the question, what exactly are cybercriminals after?
It's important to consider that law firms have stores of sensitive information that are pertinent to clients. These could be organizations in government, retail, telecommunications, health care, utilities, agriculture, finance and just about any other industry in existence. As such, a breached law firm may not even be the end target of a cyberattack, but rather a gateway to a more pernicious plot against a company they represent. This is an especially frightening prospect: If hackers manage to extract the data they need undetected, in theory, a law firm could be completely unaware that it was an unwilling accessory to cybercrime.
A cybersecurity expert told Bloomberg that cyberattackers are especially wont to target firms representing foreign companies, specifically citing China-based organizations. Of course, that's not to say that hackers wouldn't go after a law firm working for a large U.S. bank or telecom, because they will. These cybercriminals might be after intellectual property. They might be looking to get an inside scoop about the financial details of a pending merger or acquisition. Regardless of what they're trying to steal, they'll use any tactic imaginable to find a way into the network, and once inside, they'll search tirelessly for the information they need until they find it.
The cybersecurity verdict doesn't look good
One might think that such a heavily targeted industry, and one with such a high rate of data breaches, would make cybersecurity a top priority. Unfortunately, this isn't always the case. In its survey, the ABA found that 47 percent of law firms don't have a data breach response plan in place.
"47 percent of law firms don't have a data breach response plan."
According to a recent report by The American Lawyer, many firms are seeking to be more prepared against cyberthreats by purchasing cyberattack insurance. While these policies could help mitigate potential monetary losses, they do nothing to bolster the firm's overall cybersecurity strategy – which according to the ABA, consists mainly of firewalls, anti-spyware, pop-up blockers and virus scanners for the vast majority of law firms.
All of these are defenses are important of course, however, they still don't address the real issue at hand, which is how quickly law firms can react once a hacker has gotten into the system, which they will. If you're still under the impression that a data breach won't happen to you, then you're in for a rude awakening.
A SOC is your best defense
As long as law firms continue to house high-level information about business clients, they'll have a bull's eye stamped on the facades of their institutions. And if this is the case, they'll need to find a way to level the playing field.
One such way is to start using brains over brawn, which is exactly what a security operations center provides. Unlike firewalls and anti-virus solutions, the purpose of a SOC is not to keep threats out, but rather, to identify suspicious activity in the network that signifies a possible breach. In a SOC-as-a-Service model, an expert security engineer is the one responsible for monitoring the network, which means no sweat off the backs of IT staff members. In addition to manning the crow's nest, this engineer provides detailed updates about the status of a cybersecurity strategy, which helps to ensure that firewalls, anti-virus software and other defenses are working optimally.
The best part is that because it's an as-a-Service model, SOC is much easier to deploy, and far more affordable than legacy SIEM services.
It's time for the legal industry to take a stand against cybercriminals, and not just in the court room. Protect your law firm's network with SOC-as-a-Service.