The total value of the legal sector in the United Kingdom is £25.7 billion, with over 12 000 law firms employing approximately 360 000 people. Unsurprisingly, such a strong industry has not been exempt from the growing trend of cyber threats to businesses, their employees and clients. Law firms create and store sensitive business and client data, making them valuable targets for malicious actors.
The threat to the UK’s legal sector is very real, and growing quickly, with 62% of law firms reporting they had suffered an incident last year – up from 45% the previous year. Relatedly, 90% of law firms in the UK are aware of guidance on how to protect their firm from becoming a victim of cyber scams, however 41% of those report that they have not used the guidance. It is clear that cyber resilience of the sector does not reflect the real threat to firms of all sizes.
Perhaps the best example of the value of the data that legal firms store can be found in the biggest leak of documents to date, when over 11 million documents from the law firm in Panama, Mossack Fonseca (AKA Panama Papers) were leaked in 2016. This single incident was bigger than the 2010 Wikileaks and the 2013 Snowden leaks combined.
This briefing will take a closer look at the cyber threat posed to the legal sector and analyse what law firms can do to ensure that they, and their clients, are more cyber secure.
Povel Torudd, Head of Corporate Communications, Kaspersky
Dyann Heward-Mills, Head of Data Protection and Cyber Security Group, Baker McKenzie
Patrick Southwell, Director of Strategy, Berkeley PR