Do law firms have weaker cyber defences than their corporate clients?
About 74% of them rank a data breach as one of their top data-related risks. Similarly, 68% said that their legal departments are more involved with cybersecurity than they were 12 months ago.
“As organizations have become more data-centric and business processes more technocentric, legal headaches around data have intensified,” BDO said.
The consulting group report said that law firms are “highly targeted,” and are “traditionally more vulnerable” than their corporate clients. It said the Panama Papers controversy in 2016 brought to light law firms’ vulnerabilities.
About 11.5 million documents from Panamanian law firm Mossack Fonseca were leaked by a whistleblower. They contained details of more than 214,000 offshore entities. The International Consortium of Investigative Journalists released the papers last April.
“Despite housing highly sensitive legal information, law firms traditionally have weaker cyber defences than their corporate clients, making them a prime target for hackers,” BDO said.
Last December, the Law Council of Australia launched an awareness campaign that warned law firms of the dangers of cyberattacks. “Consideration of cyber risks should evolve beyond an IT issue.”
Law firms are at risk because they hold large amounts of detailed data about individuals, the council said. It added that stolen data can be used for ranso m against a lawyer and his or her client.
Most firms lack cybersecurity crisis management playbooks, GCs reveal
Lawyers warned over cyber attacks