Using Threat Intelligence to Protect the Legal Industry

Law Firms and Legal Services have become a big business for targeted cyber attacks. Due to the confidential nature of their customer data, law firms present a tantalizing target for attackers, as they often also possess the wherewithal to pay the demanded ransoms. With each successful attack making headlines, the pressure to ensure cyber defenses increases from clients, state entities, and industry associations.

Impact of Cyber Attacks on Law Firms

  • 26% of Law Firms Experienced a Data Breach
  • $4.45 million = Average Cost of a Data Breach
  • Cybercrime is now the world’s 3rd largest economy

Key Risk Factors

Reducing Third Party Risk

Law firms interact with a multitude of 3rd parties on a daily basis. From file sharing with corporate networks and client devices, to connected service companies on the physical premises, each represents a threat vector that can be compromised.

Regulatory & Ethical Duties

While not currently subjected to regulatory and compliance requirements, state and industry associations are increasingly adding cybersecurity elements into ethics rules for law firms. Examples of these guidelines can be found in the American Bar Associations Rules of Conduct and ABA Formal Opinion 477.

Damage to Business and Reputation

Cyber attacks can have devastating impact on law firms and legal services. From the obvious damage to reputation, to the expenses incurred responding and recovering from the attack, the consequences can be severe.

Challenges Incorporating Threat Intelligence

Proprietary Vendor Perspective

Threat Intelligence from NGFW vendors is proprietary and offers a narrow view of the threat landscape. The ability to take action on threat intelligence from multiple sources is paramount to protecting from today’s targeted attacks.

Accessing Threat Intelligence Sources

There are a plethora of threat intelligence sources including industry specific (LS-ISAO), to commercial sources (DomainTools). The ability to incorporate multiple, trusted sources and then grow as needed, is key.

Operationalizing Threat Intelligence

Managing threat intelligence can be expensive and time consuming. How much threat intelligence is enough? Is there security “know-how” to use it? How well does threat intelligence play with NGFWs? Selecting the right solution is critical.

Use Cases

Admin area