Law firms possess vast quantities of highly sensitive information that puts them at the top of hackers’ hit lists. Everything from trade secrets, to personally identifiable information, to private information that can be used for extortion are considered high-value material on the dark web.
You’ve heard the old adage, “Any PR is good PR.” Well, just ask Equifax if that’s true. Its recent breach affected some 143 million Americans. But it’s hardly the first time personally identifiable information (PII) was stolen through a financial-related entity–and it won’t be the last
Law firms are in a unique position when it comes to information security. They regularly handle copious quantities of sensitive data spanning industries. From manufacturing to government agencies, to software providers, to hospitals and beyond, legal operations represent a dangerous attack vector that cybercriminals are eager to exploit.
Cyberattackers have been “aggressively targeting” law firms since 2016. In fact, in a survey of more than 200 law firms, every single respondent reported being targeted in 2016-2017 by criminal hackers. What’s more, the report also found that 40 percent of respondents were unwittingly infiltrated.
Unfortunately, many law firms develop a false sense of security due to a lack of visibility and awareness into InfoSec operations. This also means that yesteryear’s knee-jerk reactions to feeling threatened–continually adding the latest “state-of-the-art” tools–doesn’t work because it fails to address the problem at its source. Law firms don’t need to bolster perimeter defenses; they need to budget their investments in cybersecurity wisely, and holistically improve their security postures through better threat detection and response.
Debunking the ‘Prevention-First’ Myth
In a perfect world, law firms would focus solely on attack prevention, completely eliminating the need for mitigation. But global numbers tell a very different story. Every year, cybersecurity spend increases. This year, Gartner estimates worldwide security spending to reach $93 billion, and a staggering $1 trillion by 2021. It raises the question: If cybersecurity spend is increasing at such an incredible pace, then why does the number of confirmed attacks–and associated damages–also rise every year?
Clearly there’s disconnect between what businesses spend and what they get in return. Case in point, ransomware raked in an estimated $1 billion in 2016, an unprecedented amount at the time. But fast-forward to the conclusion of 2017, and that value soars to almost $5 billion. That’s a five-fold annual increase.
The problem isn’t necessarily that preventative security has no place in security, but rather, the manner in which organizations, law firms included, are over-investing in these resources. Faced with a daunting shortage of cybersecurity expertise for hire, they’re being pressured to invest in the “latest and greatest” security solutions, which falsely promise to alleviate the need for active security expertise.
This thinking is especially dangerous for law firms, which are frequently the target of advanced persistent threats, zero-day attacks and other furtive intrusion tactics that infiltrate the network and extract sensitive materials. In many cases, it can take six months to a year to detect these stealthy intrusions.
Simply put, no amount of investment in new perimeter defenses, next-generation firewalls or plug-and-play intrusion detection systems will solve these problems. It takes a fully-staffed security operations center (SOC) with advanced threat detection and response capabilities to do so.
A New Market Dynamic: On-Demand Security Expertise
“Threat detection and response are no longer prohibitive costs for law firms.”
Cyberthreat detection requires a 24/7/365 effort, something most law firms don’t have the means to support. According to the American Bar Association, the costs of implementing and managing a cybersecurity program in a law firm can be overwhelmingly prohibitive. Security investment and oversight is typically relegated to one or two people who may already be responsible for a number of other IT-related tasks. Any tool or solution that promises to help, therefore, seems like a godsend–even if, in reality, it doesn’t make sense financially.
Enter SOC-as-a-service, a fully-staffed SOC that provides real-time threat detection, proactive threat hunting and incident response at a fraction of the cost to manage an in-house SOC. SOC-as-a-service enables law firms to benefit from detection and response capabilities they need to identify even the most difficult-to-detect cyberthreats. Included is 24/7 access to on-demand security experts, who continuously monitor network traffic and react immediately to indicators of compromise.
In addition to managed detection and response (MDR) services, SOC-as-a-service also provides ongoing vulnerability scans to help law firms make more effective security purchasing decisions. This also helps firms shed deadweight tools that don’t actively enhance security posture.
A Sound Investment with Demonstrable Results
Today’s law firms need a predictably-priced, cost-efficient cybersecurity service that’s truly effective to protect their sensitive data. And with SOC-as-a-service, that’s exactly what they get. Don’t waste another dollar on cybersecurity that doesn’t make sense.
Interested in Cybersecurity?
When discussing security risks with clients we tend to use The House Example. Think about your security systems like a house. When you leave your house you might take basic security precautions like locking the doors and closing the windows. Maybe an unseasoned criminal would jiggle a door handle, notice it's locked and leave. A more seasoned criminal, however, may come along jiggle the handle, and then smash in a window. This is precisely why people set up cameras and invest in additional home security.
Systems security works in the same way. Your house is your systems and your basic securities (your 'locks') are your firewall and antivirus. Most companies stop here. Unlike the house example, cyber criminals are more seasoned and more savvy at slipping in undetected. Once a cyber attack happens, there is likely significant long term damage that could have been avoided. Calance works to detect and respond to these threats around the clock.
If you've found that your company is at risk, take immediate action before a breach occurs.
Take a recent case from the news. On March 18, 2017, The North Carolina State Government suffered from two large data breaches. These breaches leaked sensitive information including personal information and the URL of the state's cloud storage provider on the public internet. There was also a ransomware attack that slowed the government to a crawl until they paid a $23,000 ransom to a group of hackers. Instead of giving into demands, the government refused to pay and decided to start from scratch.
Prior to the adoption of the Cloud, business IT was primarily designed for consumption behind firewalls. Often, IT infrastructure was sold to individual business units and inter-organization sharing of IT resources was far and few.