Más contenido relacionado Más de FireEye, Inc. (20) [Infographic] Threat Landscape: Law Firms1. Threat Landscape:
Law Firms
Balancing security
with usability
User acceptance
and behavior
User education
and awareness
Culture of firm
Law Firms Get A Powerful Wake-Up Call
About Cyber Threats
Law firms are prime targets for cyber
attackers. One out of four law firms
with more than 100 attorneys have
suffered a cyber breach.1
Their rich
data stores make them extremely
attractive to cyber criminals.
• Clients’ personally identifiable
information (PII)
• Payment card information (PCI)
• Confidential details of lawsuits and
merger and acquisition deals
• Intellectual property
Other
A growing number of big corporate clients
are demanding that their law firms take
more steps to guard against online
intrusions that could compromise sensitive
information as global concerns about
hacker threats mount.”
– “Law Firms are Pressed on Security for Data,”
New York Times, March 26, 2014.
– ABA Model Rule of Professional Conduct 1.6
A lawyer shall make reasonable efforts to
prevent the inadvertent or unauthorized
disclosure of, or unauthorized access to,
information relating to the representation of
a client.”
“
“
22%
22%
24%
1%
31%
• 63% of law firms spend less than 0.5% of
gross revenues for data breach detection
and prevention
• 85% of law firms spend less than 0.5%
of gross revenues on response and
remediation efforts
30% of law firms reported that
breaches resulted in a loss of
billable hours.2
Better security for law firms:
the challenges6
but
Biggest worries facing law firms
Steps to Stronger Cyber Security for Law Firms
1. American Bar Association. “Legal Technology Report.” 2015.
2. American Bar Association. “Legal Technology Report.” 2015.
3. Marsh USA. “Law Firm Cyber Survey.” 2014.
4. American Bar Association. “Legal Technology Report.” 2015.
5. ALM Legal Intelligence. “American Law Tech Survey.” 2015
6. International Legal Technology Association. “2015 Tech Survey.”
December 2015.
1. Decide on a chain of command. Include list of
persons authorized to perform specific tasks,
such as restore compromised systems or
communicate with the press
2. Create a formal written security policy.
Include policies and procedures, as well as
administrative, physical and technical
safeguards for information assets
3. Train everyone in the firm.
Educate everyone, from executives to clerks,
on proper security etiquette
4. Invest in security solutions. Identify and get
the right tools for your needs: deterring cyber
attackers, detecting when they manage to
infiltrate your environment or containing and
eradicating threats
5. Acquire current threat intelligence.
Reduce the time between detection and
remediation with strong contextual
intelligence alongside your alerts
6. Consider an incident response retainer
service. Don’t waste precious time in the
event of a breach
7. Evaluate cyber insurance coverage.
Transfer some of your financial risk to
a third party
• 77% of law firms’ CIOs believe cyber
threats are more serious than they were
two years ago4
• 79% of law firms ranked cyber security
as a top 10 risk
• 72% of law firms have not assessed how
much a breach would cost them
• 62% of law firms have not calculated lost
revenue from a breach
• Fewer than 50% of law firms are insured
against cyber breaches
Many law firms don’t take the threat seriously3
Few firms invest in cyber protection5?
Costs of a cyber breach
add up:
FOR MORE INFORMATION
VISIT: WWW.FIREEYE.COM
© 2016 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be
trademarks or service marks of their respective owners. INFO.OTA.EN.US.052516
Damaged reputation
Lost customers
Business disruption
Investigation
Remediation
Customer notifications
Fines and penalties
Litigation
$
Other
Outsiders trying
to break into
network
Not knowing if
data has been
compromised
Not knowing if the firm
is under attack
9%
25%
23%
16%
16%
11%