CyberSecurityBoard
Sponsor Register Login

How Cybersecurity for Law Firms has Changed

The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks.
Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, regional and industry data protection and privacy requirements.
On this episode of the Insider Series, I sat down with Mark Sangster, cybersecurity strategist and author of No Safe Harbor: The Inside Truth of Cybercrime and How to Protect Your Business to explore what's changed in the legal industry, and how law firms of all sizes can bolster their cybersecurity strategy.
Five years ago, law firms had no idea about cybersecurity, because they didn't really see themselves as 'at risk'.
In recent years, we've seen some marquee breaches where law firms have been shut down, or they or their clients exposed as a result.
That model means money spent on anything comes out of their pockets at the end of the year, creating an uphill battle for security firms to get the kind of funds that they need to protect the law firm.
Many smaller firms struggle with knowing where or how to start implementing security measures.
Firms tend to go back to square one or they take a fatalistic stance in thinking, if it's going to happen, I've got backups and I have cyber insurance.
Smaller firms need to think of it in terms of aligning their spend to their firm's risk.
Many firms get a policy, and everyone just sits back and says, OK, we're good.
Many firms don't realize that now, they find themselves in a position where they're not insurable.
Firms look at it like - they've got antivirus and firewalls in place, but it isn't stopping attacks, which is true.
What they don't quite realize is that when attacks against law firms happen, they don't appear out of nowhere.
In terms of awareness, it's still a process of educating firms to look at the points of entry that exist based on the data the firm has and the systems it uses.
MS: Law firms actually have an unparalleled risk in the economy and that's because they operate at a crossroads.
Firms don't necessarily really recognize that, which is why we are seeing a bit of a downdraft from specific types of clients who are beholden to industry standards and regulations in how sensitive data is managed.
Law firms have infinite amounts of valuable data, like financial information and personally identifiable information.
The big challenge that law firms have is that they have an inherent nature to be open.
Law firms are migrating document management, moving from physical libraries and vaults into digital systems.
At the end of the day, all law firms need to see themselves as a target.


This Cyber News was published on securityboulevard.com. Publication date: Fri, 22 Dec 2023 19:43:05 +0000


Cyber News related to How Cybersecurity for Law Firms has Changed

Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
7 months ago Darkreading.com
How Cybersecurity for Law Firms has Changed - The public nature of the legal system makes law firms particularly vulnerable to a growing number of cybersecurity risks. Law firms have unique access to highly confidential client information and as a result, face a growing number of federal, ...
6 months ago Securityboulevard.com
Law Firms are Raising the Bar on Cybersecurity - Corresponding with recent increases in threat actor activity in the legal industry, law firms are investing more time and attention in modernizing security operations. Both midsize and large law firms are increasingly engaging with cybersecurity ...
1 year ago Bluevoyant.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
1 month ago Feeds.fortinet.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
6 months ago Securityzap.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
5 months ago Legal.thomsonreuters.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
1 week ago Techtarget.com
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
6 months ago Securityzap.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
6 months ago Securityzap.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
6 months ago Darkreading.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
6 months ago Securityintelligence.com
How to Avoid Falling Below the Cybersecurity Poverty Line - The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy ...
1 year ago Csoonline.com
Why Cybersecurity Businesses Need a Real-Time Collaboration Tool - When the Cybercrime in a Pandemic World study was released in late 2021, the report noted that cybersecurity threats had risen 81% since the coronavirus raised its ugly head. It was a time of restrictive lockdowns, stay-at-home orders, and mask ...
1 year ago Hackread.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
7 months ago Feeds.dzone.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
6 months ago Securityzap.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
5 months ago Securityzap.com
A Comprehensive Look at the Financial Firms in European Union and Their Rules on Cloud-Based Services - Today's technology has opened up a world of possibilities for financial firms, especially with cloud-based services. Financial institutions are now able to access a great deal of information over the internet in an efficient and timely manner. ...
1 year ago Tripwire.com
Gamification in Cybersecurity Education - Gamification has become increasingly prevalent in numerous domains, including cybersecurity education. Gamification presents a promising approach to meet this challenge, making cybersecurity education both effective and enjoyable. One way to ...
6 months ago Securityzap.com
The law enforcement operations targeting cybercrime in 2023 - In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. While some of these operations were more successful ...
6 months ago Bleepingcomputer.com
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
6 months ago Darkreading.com
Key cybersecurity skills gap statistics you should be aware of - As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger. The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in ...
6 months ago Helpnetsecurity.com
European firms urge China to give more clarity on data transfer laws - AP Moeller - Maersk A/S Siemens AG BEIJING, Nov 15 - European firms "Urgently" need China to give clearer definitions of key terms in its cross-border data transfer rules, a European business lobby group said on Wednesday, warning firms also stood to ...
7 months ago Reuters.com
Cybersecurity Workshops for Students - Cybersecurity workshops for students serve as an effective means to educate and empower the younger generation in protecting their digital assets. With proper planning and organization, cybersecurity workshops enable students to navigate the digital ...
6 months ago Securityzap.com
Cybersecurity Curriculum Development Tips - In this article, we will explore essential tips for developing a comprehensive and up-to-date cybersecurity curriculum. By staying abreast of the latest industry trends, educational program developers can ensure that their curriculum remains relevant ...
6 months ago Securityzap.com
Beyond Mere Compliance - Too often we continue to see executives whose approach to cybersecurity - compliance rather than protection - is strikingly similar to that of the ill-advised business owner whose minimal fire protection is designed only to meet the building code. ...
6 months ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)