Shutterstock
If the movies formed your understanding of cybersecurity threats against the legal profession, you would believe that criminal syndicates are hacking into law firms constantly. These organizations would apparently have endless technology and gadgets, penetrating networks using the most sophisticated “James Bond” techniques that even the best defenses in the world could not possibly thwart. Recent news reports do not paint a much better picture of the many “bad guys” getting access to confidential information and data entrusted to both big and small law firms. The reality is different and much less glamorous and sophisticated than we see in the media.
The truth is, however, that law firms are responsible for safekeeping some of the most valuable, sensitive and highly confidential information of companies and individuals. The breadth and value of that information makes them a lucrative target for so many different types of bad guys that span almost every human threat vector one can model. The other reality is that, while most of these attackers are motivated, very few of them have evil lairs filled with supercomputers and spy gadgets in their arsenal. Unlike the movies, however, they unfortunately do not need those tools to be successful bad guys against law firms.
