Skip to main content Skip to footer

How can SME law firms build an infrastructure robust against cyber threats?

Ian Truscott

Modern, cloud-based document management solutions can quickly insulate law firms from many cyber risks.

In February 2021, the American Bar Association Journal reported a data breach at Jones Day, with hackers posting documents they claimed came from the firm and demanding a ransom. In 2019 the same publication conducted a survey during which 26% of respondents reported that their firms had experienced some sort of security breach.

Closer to home, the Solicitors Regulation Authority (SRA) in the UK published a report in September 2020 that found that three-quarters of the firms participating in their research had been the target of a cyberattack. For those firms not directly targeted, cybercriminals had instead targeted their clients during a legal transaction.

Calculating the impact of these breaches, the SRA found that this “often resulted in indirect financial costs. For example, one firm lost around £150,000 worth of billable hours following an attack, which crippled their system.”

The reporting of these data breaches and threats in the trade press and broader media has created an environment of sensitivity around how firms manage information and data. Clients are looking for transparency about how matters are handled, asking for ethical walls and ‘need to know’ security.

All this has become more complex with the shift to remote work caused by the pandemic. For colleagues working together and engaging with clients, law firms become dependent on tools like Microsoft Teams that sit outside their established document management processes and systems.

Large firms with significant IT investments and larger teams would seem to have an advantage here. But today’s cloud-based modern document management solutions have leveled the playing field, making a solid case for all law firms to move to the cloud.

Features like zero-trust security help by always assuming external and internal threats exist in the network. Modern, cloud-based document management solutions can allow firms to promptly create ethical walls and, of course, having the inherent contingency and fail-over benefits of cloud computing means it can quickly insulate law firms from many of these risks and meet their client’s security needs.

Additionally, with integration of a document management system to desktop and collaboration tools like Microsoft Teams, there is less friction for users to comply with policies and governance – enabling them the ability to work together effortlessly, using these very familiar and available tools. The same way the industry adjusted to the proliferation of email communication two decades ago, all these communications can be managed within the context of the matter, alongside existing documents and emails, all within the same secure environment.

All firms, regardless of size, are facing the same exposure to security breaches and risk. With modern document management in the cloud, they all have the opportunity to meet these challenges.

About the author

Ian Truscott