The True Cost of Data Loss
We see it all the time. Whether it’s high profile hacks, insider threats, sophisticated ransomware, or customer details sold off to the highest bidder – data loss incidents are an unfortunate, and unwelcome part of everyday life. There is no doubt that this kind of threat looms over every sector of business, but what happens when it targets an industry that has a lot more to lose – when it’s not just the company’s data at stake, but all the legal information that it has been entrusted with, documents that are commercially – even nationally – sensitive. Worryingly, attacks that directly target law firms for data are increasing, creating ‘growing pressure’ on the industry to reassess their security practices.
Legal Industry at the centre of the ‘Largest ever data leak’
Law firm Mossack Fonesca experienced a data breach of gigantic proportions when their email server was compromised in 2016. A staggering 11.5 million confidential documents dating from the 1970s to 2015 were leaked – that’s 2.6 terabytes of data in total! This included 4.8 million emails, 3 million database format files, 2.2 million PDFs, 1.1 million images, and 320,000 text documents.
The breach made international headlines and generated a media furore, particularly as it revealed information about offshore accounts and tax havens for various high-profile individuals.
Chiles White, CEO of security firm IRM, said: ‘The leak should be taken as a cautionary tale for legal firms – they need to understand that they are seen as a rich source of salacious data and are very much at risk of the same thing happening to them.’
With a concerning increase in the amount of cyberattacks specifically targeting the legal industry, the question is not just how can you prevent them, but what would the experience cost you?
- Money: Whether it’s in the form of a hefty fine (up to £500,000 from the ICO), or fees for media relations, damage limitation and reparations, data breaches usually have a swift and significant financial impact.
- Reputation: Due to the nature of the industry and the importance of trust, reputation is probably one of the most valuable assets you have. A data breach compromises your current reputation, and can leaves a lasting impression that’s hard to shift.
- Client loss: As we mentioned above, these incidents usually result in an immediate cost to the business, but what about ongoing losses? A damaged reputation is likely to result in less business, especially in the initial stages, with wary clients opting for firms who have not been subject to data leakage.
- Legal Action: If an investigation shows that your security practices were not sufficient, or that the data loss was caused by poor practices, you may find yourself on the receiving end of legal action for a change.
What can you do?
Just as security threats are evolving quickly, so are the technologies used to combat them. Legal firms should respond to threats with a strong data loss prevention strategy, combining good security practice, stringent data protection policies, and industry-standard technology.
We will be exhibiting at LegalTech 2017 which takes place in New York next week (Jan 31st – Feb 2nd). The event explores new trends and technologies affecting the legal industry, bringing together a wide range of innovative solutions specifically designed for the legal sector. Joined by Cogmotive on the stand, we will be showing attendees how our data management solutions can be combined to help improve security, monitor compliance, and mitigate threats by identifying vulnerabilities in your environment.
Two exciting new products
We are excited to showcase a brand-new tool which makes it easier to collect PST files for legal discovery. Leveraging technology from PST FlightDeck, the new file discovery tool is able to gather and analyse PST files from a user, or set of users, that need to be retained and reviewed for discovery cases. The tool makes eDiscovery easier, enabling legal teams to conduct searches and begin to compile cases without relying on IT involvement to get the necessary information – saving time and resources. Find out more.
Cogmotive will also be debuting their latest solution ‘Discover & Audit’, which provides a full audit log of Office 365 activity. The forensic detail enables you to investigate anomalous events, monitor compliance and improve DLP strategies – giving you the visibility you need to identify a data threat before it becomes an incident. Find out more about the solution here.
If you’re attending LegalTech, make sure you visit us at booth 1418.