Every organization was put on alert by the scale of last year's ransomware WannaCry attacks, but for law practices in particular it was a big wake-up call. According to the 2017 PricewaterhouseCoopers Law Firm survey, 60 percent reported an information security incident, compared to 42 percent in 2014. Breaches are on the rise for firms with more to lose than most, because their businesses are built around client confidentiality and trust.
Historically, the legal profession has focused on protecting "data at rest" with encryption, data privacy controls, firewalled infrastructure and outsourced security incident management. Like other organizations, they have discovered that standard network protections and firewalls are woefully inadequate for understanding what users are doing within the perimeter. What is different is the scale of the risk. These are businesses, after all, responsible for the some of the most highly classified types of client data.
They are under pressure from all sides. Logic Force's 2017 Law Firm Cybersecurity Scorecard revealed that 48 percent had their data security practices audited by at least one corporate client in the preceding year. The notion that client companies are concerned that their legal representatives could be a weak link in their security chain may be the loudest alarm bell of all, because customer trust is the heart of the matter.
Legal firms, along with medical and financial institutions have a hard time surviving a loss of customer trust. Maintaining that trust is not easy in a highly connected world where malicious cyberattacks, inadvertent mistakes, or even aggressive advertising can pave the way to disaster.
The harsh reality is that organizations targeted by sophisticated cyber criminals are going to struggle to prevent a breach. The focus, therefore, is increasingly about eliminating blind-spots you didn't know you had and containing a threat once it's inside the perimeter.
There's also the risk of insider threats - employees, partners or contractors who deliberately leak information, fall foul of social engineering traps and file-less PowerShell-based attacks, or just mistakenly send the wrong document or choose the wrong distribution list. The reputational damage and financial penalties for allowing something like a prospective merger or acquisition to appear in the public domain, for example, may be the single best reason why law firms need to rethink their security practices.
What's missing for most of them is a way to watch the paths that take people to valuable data. Those paths involve the network and user accounts. They need a way to convert seemingly disparate activities and arcane network data into a risk-prioritized set of entities to triage, forensically investigate and respond. This is easier said than done with traditional security event consolidation tools. It's a fine line between proactive monitoring that is precise and informative and 'alert hell' where there's too much noise to spot a real threat.
One way around this is with user-centric traffic analysis. By tracking individuals' network activity, you can shine a light on suspicious behavior and take steps to protect high-value data assets before too much damage is done.
Corvil's ability to present these "riskiest" users and computers on a dashboard or delivered as a daily executive report attracts the most interest from law firms. Our solution makes it easy for security analysts or managed services partners to understand who these users are and examine the full extent of their activity. Firms can understand and manage the full scope of the risk, especially when inadvertent distribution of a sensitive document can pose as much risk to client trust as a malicious attack.
Our seamless, integrated workflows across best of breed products, such as Splunk, Carbon Black, and Palo Alto Networks, enable faster, more effective response. The combination of intelligent visibility inside the perimeter and automated actions will significantly improve a law firm's data protection capabilities.
For more information, read our customer success story.