When people think of the term "data breach," they normally call to mind images of retailers or even banks that fall victim to these devastating types of attacks. They may even think about insurance companies like the Anthem hack that exposed the personal information of millions of customers to harm a few years ago. According to Bloomberg, however, law firms are also at an increased risk of being hacked - shockingly so, in some cases.
Is Your Law Firm Practicing Data Security?
Law Firms as Hacking Victims
According to Bloomberg, at least a full 805 of the top 1000 law firms in the world have had some sort of breach in the last few years. The severity of this security situation varies depending on the target, but it's still a shocking number all things consider. According to Cisco Systems, law firms are actually the seventh most vulnerable industry currently operating today when it comes to malware encounters.
Bloomberg reports that part of the reason why law firms are so attractive to cyber criminals has to do with the type of information that they're likely to keep. They often have volumes of personal data on clients and their business activities which is of interest to not only run-of-the-mill cyber criminals but also the business rivals of those clients, too.
Another part of the reason why international law firms are particularly at risk has to do with where these attacks are coming from. According to AbovetheLaw.com, most hacks are actually coming from organized crime cartels that are already operating internationally themselves in places like Europe or China.
Law Firms and Data Security
To say that law firms need to take proactive steps to keep their data safe from harm is something of an understatement. Lawyer data security is already seen as a "ripe" target for hackers due to the lax security protocols that are in place, which is something that needs to change moving forward.
Making the move to SFTP for all file sharing purposes is one positive step in the right direction. SFTP gives users a huge amount of control over when, where, why and how information is shared over a network. SFTP uses SSH-2 encryption by default. SSH-2 encryption can be used to guarantee a secure file transfer at all times, helping to make sure that all aspects of a session are encrypted. This includes not only the sending and receiving of the files themselves, but also the transmission of things like IP address, user ID and password information.
Other positive steps to take involve educating employees on what phishing emails look like so that they know how to spot and avoid them when one invariably arrives in their inbox. These are all important best practices that will help protect both your law firm and the private information of your clients moving forward.