The Next Big Hacking Target: Law Firms

The lure of hacking law firms is clear: they are privy to companies’ most sensitive data

Cyber attacks have evolved from a rare occurrence to a daily risk. Moreover, these incidents seem to be cyclical; when one breach is disclosed, a rash of similar incidents follows. Often, cyber attacks migrate from one target industry to another, and again a rash follows. Faced with the certainty that cyber attacks will only rise, the private sector would do well to ask, “Who’s next?”

In the wake of the mounting number of high-profile cyber attacks in retail, financial services, government, healthcare, and other sectors, more and more industries have invested in cybersecurity solutions and programs. Companies can no longer claim to be unaware of the risk as everyone around them bulks up their internal cybersecurity efforts, which resulted in 235 percent growth in the cybersecurity industry from 2011 to 2015.

Furthermore, according to a Citigroup report, law firms tend to keep cybersecurity incidents under wraps — meaning that when a breach does occur, it is rarely disclosed to the public. Since the legal sector is not subject to some of the more stringent regulations found in highly regulated industries, it can be hard for clients to gauge their law firm’s cybersecurity readiness.

Do you know what questions you need to ask your law firm?

Law firms are the next big cycle target. The Panama Papers were not the beginning and not close to the end. Breaches across the legal industry will continue to interrupt deals, litigation, and, most concerning for them, reputation.

Bob Anderson
Leader of Navigant’s Information Security practice

Back to top