What to do in the case of a cyber-attack?
With the rise of technology tools and the habit of storing all business data in the cloud, lawyers are now a tempting target for cybercriminals.
In other words, lawyers have to protect themselves to avoid receiving a cyberattack.
According to a note published by Diferencia Legal, and citing the conclusions announced during the training session 'How to prevent cyber-attacks in the legal sector', organized by Grupo Paradell, the average cost of cyber-attacks in large companies is approximately 4 million euros, while the average obtained in these crimes against small and medium-sized companies is around 75,000 euros.
In the training session itself, the importance of the human factor was stressed, since 90% of the incidents detected involve the employees of the affected company.
Fernando Dombriz, Business Development Director at Grupo Paradell, present at the session, warns of the importance of cybersecurity within organizations:
"I think we are all aware that cybersecurity must be an indispensable element in the strategy of law firms. Prevention and reaction measures are vital factors to avoid or minimize information leaks and reputational damage for the firm."
In turn, Dombriz points out that the human factor "is the weakest link in the chain when it comes to cybersecurity issues."
The speakers at the event highlighted three key questions that every project manager needs to ask in order to deal with human cyber-risk:
1. What kind of risks do I want to prevent?
2. How can I prepare the human team efficiently?
3. How can I obtain the necessary information to measure the evolution of the organization?
Nicolas Torrent, Managing Director of Digilegal, told The Impact Lawyers what were the top cyber threats for 2020:
2. Deepfake voice technology
3. Synthetic identities
4. Cyberattacks with AI
5. Attacks on AI during its learning phase.
6. Disinformation in social media
7. The security challenges of 5G
The author emphasizes the importance of asking oneself questions such as: How sensitive is the data you handle and that of your customers, what threat can exist on that data, how damaging can be the possible breach on that data, among other questions.
In addition, Torrent warns that no security system is impregnable, so it is necessary for a law firm to invest an appropriate cost in cyber protection by measuring certain values such as the number of clients, the number of employees and the amount of data they store.
On the other hand, advises the author, "increased security will not only have an impact on the cost, but also on the way the company works," not being really practical for a firm's lawyers to become "paranoid" in obtaining approval of each and every request for access to documents, but also not to neglect the treatment of this data.
As the note published by Diferencia Legal reminds, Cyberincidents have increased more than 300% in the last year and an incident that evidences this trend is the recently Pandora Papers, including the leak of 12 million secret documents and involving 14 law firms.