How Law Firms Can Help Ensure Data Security Amid Growing Client Concerns

When one thinks of enticing and lucrative hacker targets, law firms likely aren't the first to come to mind. In fact, they may not even make the list.

But starting more than five years ago, federal authorities began specifically warning legal entities about their viability - and vulnerability - to hacker intrusions. Law firms typically are in possession of a stockpile of sensitive data relating to their clients. And depending on the type of firm, those clients may be businesses that generate international interest around matters like acquisitions and patents.

Despite the warnings, the legal industry is still lagging when it comes to data protection. As a result, firms are facing increasing pressure to button up their cybersecurity presence - not only from authorities, but now also from their clients.

Much like any third-party relationship, law firms sign agreements with their corporate clients. And now those clients, including Wall Street companies, are demanding law firms undertake security measures and show proof of their ongoing security and monitoring, according to a recent article in The New York Times.

Wall Street banks are pressing outside law firms to demonstrate that their computer systems are employing top-tier technologies to detect and deter attacks from hackers bent on getting their hands on corporate secrets either for their own use or sale to others, said people briefed on the matter who spoke on the condition of anonymity. Some financial institutions are asking law firms to fill out lengthy 60-page questionnaires detailing their cybersecurity measures, while others are doing on-site inspections.

So what can law firms do to both protect the sensitive information in their control and ensure their data, network and application security is up to snuff in the eyes of their clients? Here are seven suggestions:

1. Conduct a Risk Assessment

Your clients are going to ask what your security posture looks like, so it makes sense to perform a thorough review of your environment to identify gaps where your confidential data, including information contained on mobile devices, could be at risk for exposure.

2. Deploy Advanced Security Defenses

Targeted, socially engineered emails, typically known as spear phishes, are a common ruse used by criminals to establish a foothold on law firm networks. To combat these attacks, consider security gateways specifically designed to protect your business in real time from threats like malware, zero-day vulnerabilities and data loss.

3. Secure Your Apps and Databases

Your most valuable data lies in your databases. Companies traditionally fail to focus enough attention on the application and database layers. Ensure these entryways to and repositories of critical data are locked down from an access and encryption perspective, are regularly scanned for vulnerabilities and misconfigurations, and are properly patched.

4. Have a Breach Response Plan in Place

Face it, breaches are going to happen. The key to mitigating the damage is detecting an intrusion and responding quickly. This requires having an actionable incident readiness and response plan in place (and many large corporate clients are asking for these plans specifically). Or consider proactive breach detection investigations, which are designed to identify whether your firm has been victimized by a breach or, if it suspects an attack, whether one is already happening.

5. Consider Help From a Managed Security Services Provider

Your core competency is representing your clients - not securing your infrastructure. Our 2014 Security Pressures Report, which surveyed more than 800 IT professionals, showcased that most organizations are reeling from budget constraints, skills shortages and time limitations when it comes to security. A managed security services provider can provide the help you need, while allowing you to concentrate on your business.

6. Establish or Improve Your Security Awareness Program

This blog just mentioned that criminals often rely on social engineering to trick users into downloading attachments or following links contained in an email. As such, train your employees to be on the lookout for fraudulent communications that might look legitimate, but aren't. They also should be mindful of other risks, such as transferring sensitive client data onto easy-to-lose memory sticks or sending emails containing confidential files to computers outside of the corporate firewall.

7. Reference Industry Groups

While admittedly lagging other industries, the legal community has a number of trade groups that are taking data security more seriously. For example, the International Legal Technology Association recently formed LegalSEC, an initiative whose primary goal is to introduce the legal field to the ISO 27000 series of standards. The American Bar Association also has provided resources.

Dan Kaplan is manager of online content at Trustwave.
