Recent research by the National Cyber Security Centre (NCSC) has found UK law firms are increasingly appealing targets for cybercriminals interested in stealing and exploiting client data.
Hybrid working has been cited as a challenge for firms attempting to maintain secure working practices and protect client confidentiality, but as cyberattacks become more sophisticated, the data that law firms hold are targeted for ransomware and insider trading.
These cyberattacks are increasingly carried out through breaches attributed to human elements, with 74% of all data breaches involving errors like privilege misuse, phishing, stolen credentials or social engineering. But losing client data has harmful consequences to the customer’s trust and reputation, leaving firms with the hard task of regaining their professional status while shoring up their security from other follow-up attacks.
The report calls for more proactive steps and training to protect their legal services. Financially motivated extortion incidents and intellectual property thefts have a significant impact on the legal sector in comparison to other civil sectors, so it is only more integral that their security can match potential threats and strengthen their ability to protect client data.
“The UK legal sector handles data that is ultimately a critical component for Business Continuity,” said Mark Appleton, Chief Customer Officer, ALSO Cloud UK. “With the increased cyberthreats they face, investing in the right security tools to become more resilient to the various attack methods should be a necessity. Otherwise, they face dealing with losses that may prove crippling for their firm’s reputation and clientele.”