Large law firms experiencing two ‘cyber incidents’ a month


Cyber security: Growing threats

Large law firms experienced an average of 23 ‘cyber incidents’ in the past 12 months, lower than other sectors, a snapshot survey has found.

Law firms were also among the most likely to spend smaller amounts on cyber protection.

Researchers from IT managed services firm iomart and forecaster Oxford Economics gathered responses from managers at 25 large law firms responsible for their firm’s cyber security strategy.

They were part of a wider group of 500 executives from 12 sectors surveyed, most at firms employing over 1,000 people and all at firms with turnovers of at least £250m.

Law firms reported an average of 23 cyber security incidents in the past 12 months – ranging from 43 for one firm to five at another – the lowest number for any sector.

This compared with an average of 33.5 for the insurance sector, which topped the list, followed by finance (32) and government (31).

When it came to spending on cyber protection, almost half of law firms spent from £10-£25,000 a year, for example through vulnerability assessments or penetration testing. Not-for-profit organisations were the most likely to spend amounts of less than £10,000.

Despite these findings, the State of cyber security in the UK 2023 report also found that almost half of law firms agreed that internal security policies and procedures “struggle to keep up with the rapid pace of change”, while a majority reported “an increased frequency of threats from bad actors over the past two years”.

A significant minority, one in five, believed their cyber security budget was “inadequate to fully protect them from growing threats”.

Not surprisingly perhaps, most law firms noted a rise in their cyber insurance premiums over the last two years.

More than four in ten admitted that during the pandemic they were “forced to sacrifice cyber security to keep the lights on”.

The top cyber-threat for law firms was phishing, followed by distributed denial-of-service (DDoS) attacks, malware, ransomware and identity theft (in joint fourth place) and insider threats.

Almost half of law firms used artificial intelligence or machine learning “in some capacity” to defend themselves, particularly to support email screening.

Businesses of all kinds found that a lack of key skills remained one of the main challenges to tackling rising cyber threats, with three in 10 cyber staff admitting to facing burnout.

Lucy Dimes, chief executive of iomart, commented: “The legal sector has a history of high profile and sophisticated cyber-attacks, and perhaps it’s no surprise, as the volume and nature of sensitive data law firms hold is a gold mine for criminals.

“And while it is clear that the threat of cybercrime is rising, there’s a lack of confidence in organisations’ abilities to protect themselves against it.

“There are many factors at play that are influencing this, from rising energy costs and increased insurance premiums to skills shortages and staff burnout, which are causing huge challenges for businesses.”




Leave a Comment

By clicking Submit you consent to Legal Futures storing your personal data and confirm you have read our Privacy Policy and section 5 of our Terms & Conditions which deals with user-generated content. All comments will be moderated before posting.

Required fields are marked *
Email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog


The rise of the agent

We believe AI agents are going to represent the biggest change to the way in which the general public interact with professional services business for generations.


The lonely role of a COFA: sharing the burden of risk management

Compliance officers for finance and administration in law firms can often find themselves walking a solitary path. But what if we could create a collaborative culture of shared accountability?


Mind the (justice) gap: Why are RTAs going up but claims still down?

The gap between the number of road traffic accident injuries and the number of motor injury claims continues to widen, according to the latest government data.


Loading animation