It’s not surprising that the legal sector represents a goldmine for hackers. Law firms don’t just handle highly sensitive IP, business critical and financial data for clients but also personally identifiable information (PII), making them a highly attractive target.
PwC’s annual Law Firm Survey 2017 found that over 60% of all law firms had reported suffering some form of security incident during the last year. The most common security incidents continue to be phishing attacks, with 12% of firms under attack on a daily basis.
Hackers are increasingly targeting the sector because of the highly sensitive data it holds, but also because law firms are typically viewed as an easier target than some other sectors.
There are significant consequences to law firms as a result of data breaches, including downtime and loss of billable hours, destruction or loss of files, and having to pay substantial consulting fees for repairing damage that resulted from the attacks — not only the technology damage, but also reputational damage. Beyond the immediate costs of liability fo a breach, law firms must consider that the reputational effects of a breach can be catastrophic in an industry that relies on trust.