Macrium Software
US Customer Sales: (347)-565-5912
UK Customer Sales: 0330 380 0615
  • Products
    Standalone
    • Buy Now
    • Workstation
    • Server
    • Server Plus
    Site Backup
    • Buy Now
    • Site Manager
    • MultiSite
    • Workstation
    • Server
    • Starter Pack
    • Virtual Server
    Technicians
    • Buy Now
    • Technicians License
    • Deployment Kit
    • SiteDeploy
    Personal
    • Macrium Reflect Home
    Upgrade Products
    • Upgrade License
    • Renew Support
    Business
    Standalone
    Buy Now
    Workstation
    Server
    Server Plus
    Site Backup
    Buy Now
    Site Manager
    MultiSite
    Workstation
    Server
    Starter Pack
    Virtual Server
    Technicians
    Buy Now
    Technicians License
    Deployment Kit
    SiteDeploy
    Misc (invisible parent)
    Personal
    Macrium Reflect Home
    Reflect Free
    Upgrade Products
    Upgrade License
    Renew Support
  • Solutions
    Disaster Recovery Ransomware Protection Scalable Backup
  • Support
    Submit a Ticket
    My Order History Upgrades Renewals
    Forum Knowledgebase
  • Partners
    Find a Reseller Find a Distributor
    Become a Partner Become an MSP
    Reseller Log In Reseller Registration
  • Company
    Contact Us Our Story Resources Media Pack Careers and Culture Blog
UK Customer Sales: 0330 380 0615
US Customer Sales: (347)-565-5912

Macrium Software

Blog

The Legal Industry and Cybersecurity Risks

Posted at Aug 16, 12:00h in cyberattack Macrium Software, Marketing Categories: cyberattack, cybersecurity, data-security, business, business-continuity, business-strategy, legal industry

A 2021 Cybersecurity Tech Report from the American Bar Association (ABA) informs law firms about the rising data, network, and cloud service risks. ABA’s 2021 Legal Technology Survey (statistics provided in the 2021 Cybersecurity Tech Report) examines cybersecurity protection and threats throughout law firms from reporting attorneys. This intersects with clients’ right to privacy. Attorneys have a duty to protect their clients. They must also follow cybersecurity guidelines for this reason. The report provides law firms, attorneys, and clients with measurable insights to improve cybersecurity.

What Are the Ways Cybersecurity Influences the Legal Industry?

A revealing aspect of the report is the substandard security practices. Most of the legal industry doesn’t even have cybersecurity considered basic by professionals. 

1406705_legal-graphic-1-2_072722.jpg

  • 25% of attorneys and/or law firms encountered some kind of data breach in 2021

Attorney-client privilege requires lawyers to safeguard their data against cyberattacks. Unfortunately, hackers can exploit client information through weak cybersecurity. 

1406708_legal-graphic-2-1_072822

The ABA report outlines several technology rules attorneys must follow:

  1. There are appropriate cybersecurity systems supporting client privacy
  2. Attorneys give clients technology awareness and seek clients’ consent
  3. Leading attorneys supervise all employees involved in the case

Legal obligations hold law firms and lawyers accountable to law duties. They ensure client information protection “relating to clients and other personally identifiable information.” Those in the legal sector understand the full spectrum of security. Identification, response, recovery, and ethics are equally beneficial. 

How Is Cybersecurity Handled?

As with state and local government, a consequential step for the legal industry is security coordination. This initiative will establish cyber safety management and responsibility.

The survey also indicates the disjointed nature of cybersecurity in proportion to firm size:

  • 80% of respondents have primary responsibility in solo firms

Where chief security officers have primary responsibility:

  • 13% of firms ranging from 100 to 499 attorneys 
  • 16% of firms that have over 500 attorneys 

The ABA resolution bases law firm size as an indicator for cybersecurity programs. Budget, allocation, and amount of stored private information scales with the company. 

Another issue for cybersecurity practices is the exclusive views on policies and programs. Cybersecurity merges all aspects of technology. Although, it’s not always viewed that way, but as a separate burden that businesses push to focus on other concerns.

An incident response plan is necessary for cybersecurity, but only 36% of respondents have one. There are disparities among firm sizes that make it difficult to set cybersecurity. In smaller offices, there may be just one person handling IT. The responsibility could also be up to each individual lawyer. In larger corporations, IT responsibility may not be appropriately distributed or could get lost in the chain of command. 

How Do Breaches Impact Lawyers?

1406713_legal-graphic-3-1_072822

In 2021, firms of varying sizes experienced a breach:

  • 17% in solo or firms with 2-9 employees
  • 35% for firms with 10-49
  • 46% with 50-99
  • 35% with 100

1406730_legal-graphic-4-1_072922

Breaches caused a lot of reportable impacts:

  • 36% of participants revealed that downtime/loss of billable hours affected their firms 
  • 31% ended up paying consulting fees to mitigate cyberattack damages 
  • 13% suffered complete devastation of critical files 
  • 18% needed to replace technology devices

For firms with 50-99 attorneys, 26% underwent a disaster of some sort, either fire or flood. Overall, it affected 15% of law firms. These “acts of God” accidents can put companies of any type or size out of business. Unfortunately, almost half of attorneys (48%) say they have a disaster recovery/business continuity plan.

What Security Tools Support Cyber Safety?

Security tools can help prevent data loss. Law firms should employ a few, if not all, available to them:

  • Spam filter
  • Software-based firewalls
  • Anti-spyware 
  • Mandatory passwords
  • Antivirus for emails, networks, desktops, and laptops
  • Hardware firewalls
  • Authentication and access controls
  • Multifactor authentication
  • Encryption
  • Intrusion Detection Prevention software (IDS)
  • Intrusion Prevention software (IPS)
  • Pop-up Blockers 
  • Network antivirus 
  • File access restrictions 
  • Employee monitoring
  • Backup software and recovery 

Why Should Law Firms Consider Backup Recovery? 

In addition to these security measures, backup recovery guarantees that when breaches occur, data is not lost. Most cybersecurity professionals agree that there are either companies aware or not aware that they’ve been breached. 

The survey listed statistics regarding backup and law firms:

  • 3% don’t back up their computer files
  • 33% don’t know about backup

1406738_legal-graphic-5-1_072922

Types of backup include:

  • 28% use external hard drives
  • 25% use online backup
  • 25% use offsite backup
  • 12% use network-attached storage
  • 7% use a USB
  • 5% use cloud
  • 4% use RAID
  • 5% use CDs
  • 3% use tape 
  • 2% use DVDs
  • 2% use another form of backup all together 

Solo and small firms generally use external hard drives and online backup. In larger firms with over 50 attorneys, respondents stated that they were uninformed about their work’s backup strategy. 

Experts in the cybersecurity space advise companies to run “multiple backups, including offline and offsite backups.” Maintaining backups is a part of cybersecurity hygiene. 

Respondents answered the frequency with which they were running backups: 

  • 41% use constant live backup
  • 26% used daily backups
  • 10% backed up their data more than once a day
  • 9% ran backups weekly
  • 3% ran backups monthly
  • 1% ran backups quarterly
  • 10% didn’t know how often backups ran

Again, a good portion of participants was unaware of how often backups took place at their company. This answer increased with the firm size. 

What’s the Future of Cyberattacks and Why Should the Legal Industry Prepare?

Law firms are not immune to cyberattacks, even while most hackers target manufacturing industries. Forbes published an article on how “law firms are [an] increasingly…attractive target because of the nature of their business.” Depending on the sort of legal work and classified information, the legal space can have materials and knowledge attackers can exploit. Corporate data and tax returns are two examples of highly coveted documents. Hackers can steal sensitive information and then withhold or release it until law firms pay the ransomware price. 

One issue that Forbes mentions is the need for government agencies to protect the legal sector. Some law firms handle and store government secrets. They hold “information of interest to nation-states.” While this calls for tightened cybersecurity, “law firms [are] reluctant to share information on attacks for fear of losing control of confidential information.”

The article speaks to security tools that can be a force against looming cyberattacks.Security is central to software design at Macrium. Our applications give you complete control over where your data is stored and will operate fully offline for the most secure, air-tight networks.

Backup recovery stands out as insurance for when hackers take data. Macrium Software works with law firms to provide a solution based on pre-existing systems. Therefore, there’s no need to switch from cloud-based or [comparison]. Macrium provides businesses with backup solutions in case of breaches, ransomware, or cyberattacks. Check out our website to learn about installing effective backups to prevent data loss at Macrium.com. 


Previous Post

The Financial Industry and Cybersecurity Risks

Next Post

The Manufacturing Industry and Cybersecurity Risks

Recent Posts

  • Activating Macrium Reflect and Macrium Site Manager Offline
  • A message from the CEO
  • Using Site Manager with Macrium MultiSite
  • What Is a Cybersecurity Attack? | Nine Types of Cyberattacks
  • K-12 Education and Cybersecurity Risks

Popular Posts

  • Cloning a disk with Macrium Reflect 8 (73975)
  • The Macrium Rescue Environment (42257)

Tags

All Tags
backup
macrium-reflect
product
company
cybersecurity
macrium
microsoft
infosec
techie-tuesday

Archive

All >
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012

Latest Blog Posts


Activating Macrium Reflect and Macrium Site Manager Offline
10-Jan-2023
We’re often asked “Can Macrium Reflect and Macrium Site Manager be installed...

A message from the CEO
03-Jan-2023
I hope this message finds you happy and healthy in this new year. I’m writing...

Using Site Manager with Macrium MultiSite
31-Oct-2022
Macrium MultiSite enables you to monitor and manage multiple instances of...

Latest Videos


Configuring Email Notifications in Macrium MultiSite
27-Oct-2022
You can read more about Configuring Email Notifications in Macrium MultiSite here: ...

Access control in Macrium MultiSite
27-Oct-2022
You can read more about Access control in Macrium MultiSite here: ...

Configuring Alerts in Macrium MultiSite
27-Oct-2022
You can read more about Configuring Alerts in Macrium MultiSite here: ...

Latest Tweets


@MacriumReflect
01-Feb-2023
Blog post: Nine Types of Cyberattacks

Subscribe to our Newsletter


Loading...

You can unsubscribe at any time. We respect your privacy, details here.

Copyright © Paramount Software UK Limited 2023 Macrium Reflect® is a registered trademark of Paramount Software UK Limited
Contact | Terms & Privacy Policy