Reputation is everything

Law firms, in particular, are vulnerable to reputational damage from cyber-attacks.

To a law firm, reputation is everything. If clients and potential clients aren’t certain their sensitive information is secure, they will likely take their business elsewhere.

Law firms, in particular, depend upon a client’s trust, and a data breach can easily ruin this.

If someone leaks sensitive documents about their clients, it can be devastating.

Investment in cybersecurity by law firms has historically been lacking. However, there are signs that this is changing.

Law firms tend to store a lot of very sensitive and valuable data on their systems, and the frequent use of email to transmit sensitive data and documents makes them a particularly appealing target to hackers.

Adding to the security issues they face, law firm staff typically use a wide range of mobile devices and often store data on USB flash drives.

Discovering a data breach can be traumatic for any organisation, but what’s worse is discovering that someone from within was the cause, either deliberately or accidentally.

The infamous Panama Papers and Paradise Papers scandals saw terabytes of sensitive data leaked, revealing the financial activities of politicians, bankers, business people and many more to the public and the media.

The reputational damage to Mossack Fonseca, Appleby and Estera was huge.

What are Insider Vulnerabilities?

Insider vulnerabilities come in two forms. The first is a malicious insider who deliberately harms an organisation. They are typically current employees, former employees, contractors or associates.

The most common reason for this is a poor working environment or mistreatment of staff that results in disgruntled employees.

Employees with special privileges are also a vulnerability, as they can compromise sensitive data all too easily.

In order to counter these vulnerabilities, policies for handling ex-employees need to be created and adhered to.

For example, if an organisation lays off an employee who has access to sensitive areas of the corporate network, it needs to ensure that all passwords are changed and that the entirety of their access is removed.

Failing to follow such procedures could allow the now-disgruntled former employee to do harm to the organisation.

This risk can also increase where organisations have replaced dedicated resources with contractors, third-party support personnel or cloud-based IT services, as those who administer such services will be beyond both the control and visibility of the organisation.

It was an accident!

The other form of the insider threat is accidental: an employee may inadvertently open a malicious email that then spreads malware (such as ransomware) throughout the organisation’s network environment. It could also allow an attacker to gain a foothold and maintain persistence on the network to fulfil their objectives, which may well be to exfiltrate sensitive data.

Employees that aren’t cyber aware are far more likely to fall victim to social engineering and phishing attacks that could result in criminals obtaining sensitive data. A favoured attack vector is when a criminal impersonates someone that a staff member trusts.

Other forms of accidental insider vulnerabilities include the use of weak passwords and bad habits such as sharing said passwords or writing them down and leaving them out for everyone to see. Downloading infected software that could contain malware without the IT department’s knowledge is also common, as are inadequate IT security policies that do not appropriately restrict what users can do in an organisational environment.

A spear phishing attack that tricks an employee into giving away their passwords, potentially leading to an attacker gaining access to sensitive areas of a network, is also a major issue.

To avoid such incidents, a company should invest in some basic cybersecurity awareness training for its employees. Having staff that are able to spot malicious emails can save a business a lot of time, money and the reputational impact that follows a cyber incident.

Cyber Essentials

Encouraging employees to follow the steps laid out in the Cyber Essentials Scheme is a great place to start. If you need assistance becoming Cyber Essentials accredited, XQ Cyber can help, as we are now an official Cyber Essentials Certification body!

Want to learn more about how XQ Cyber can help secure your business? Visit our website at www.xqcyber.com, and if you want to give yourself the very best protection against cyber security threats, try our CyberScore™ software for free now.