By Steve Whiter, director of Appurity
Not a day seems to go by these days without another report of a ‘hacking’ incident of some sort creating copy in the relevant media. Only very recently, a U.K. listed law firm reported suffering a cyberattack, according to a filing to the London Stock Exchange. After discovering an intrusion into its systems, the firm’s IT team seemingly acted speedily to secure them. Although apparently “confident” that its security controls were effective in limiting the impact of the incident, the firm confirmed that a small amount of its data had been compromised during the attack, which included an undisclosed amount of client information. A subsequent statement by the board concluded that there was no evidence to suggest that the firm’s financial performance had been impaired.
Whatever the final figures were or precisely how much ‘damage’ occurred in relation to this attack, it serves as a timely reminder that firms in the legal sector need to remain particularly vigilant whilst maintaining robust security at all times in their capacity as custodians of very sensitive and important client data. It comes at a time when mobile and smart device usage continues to grow with a corresponding rise in mobile security threats. Some reports suggest that mobile devices now account for more than 60 percent of digital fraud. The UK has seen an explosion in remote working and working on the move due to COVID – and the legal sector is very much included here. A significant increase in workers using their mobile devices for both work and personal use brings about a new set of headaches and challenges but, also, new solutions to help legal firms defend themselves.
So, what are the options for your firm?
A Cloud Access Security Broker (CASB) solution can optimise visibility across an organisation by monitoring all user activity within cloud applications (company-approved and shadow apps) and enforcing both internal policies and external compliance requirements. A CASB solution should additionally be adopted as part of a wider SIM/SIEM solution for the ultimate in forward-looking, secure data collection, monitoring, and consolidation. Many CASB solutions are designed with compliance in mind. They provide granular visibility and control over user interaction with cloud applications and broad audit trails of such user activity. They tend to operate as a system that is partly a filter, proxy and firewall between the users and cloud systems. They have capabilities to detect unsanctioned cloud applications, as well as sensitive data in transit. Organisations can use CASB to address specific use cases with their cloud providers, and CASB solutions are perfect for centralised control, management and ease of use.
With so much going on in the cloud as businesses strive to provide increased levels of remote access, there is the potential for data leakage in the cloud. Using CASB gives organisations the power to maintain visibility over data that has gone beyond the reach of on-premises tools. Detailed logs on all cloud transactions (logins, uploads, or downloads) are always recorded and app-specific behaviours are also logged, helping organisations know the whereabouts of data if it is shared.
Zero Trust Network Access (ZTNA)
Technology can afford us the flexibility and ability to work anywhere – in the office, at home or on the road. With most workers now effectively no longer tethered to a desk or desktop, businesses require security platforms that support the new normal with solutions that provide remote workers with security whilst actively improving the employee experience. Organisations need to ensure that employees are able to work on any device, which makes tools like multi-factor authentication and a Zero Trust approach to security absolutely crucial.
Organisations are moving to a ‘zero trust’ approach which places greater importance on identifying the real-time health of a user’s device and the ability to provide conditional access to corporate data as a result. Zero trust security is all about eliminating implicit trust. Effectively it is an interrogation of trust within networks or the trust between host and applications. Boiled down, zero trust implies that the best way to secure a network is to assume no level of trust whatsoever. Employing a zero-trust model supposes that no single person is able to solely execute any sort of change to the system that could affect the security of the system. One way to make this happen is to embrace a ‘zero touch’ mentality whereby human vulnerabilities are effectively replaced by automation. In all things ‘security’, humans are invariably the weakest point in any chain. To mitigate human error, adopt single sign-on solutions and strengthen security controls that oversee how and where employees get access to specific data.
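To make the idea of conditional access driven by real-time device health concrete, here is a small policy check, added as an illustration and not taken from any product or from the author. The field names, the sensitivity labels and the 15-minute freshness window are assumptions chosen for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumption: a posture report older than this is no longer "real-time".
MAX_POSTURE_AGE = timedelta(minutes=15)

@dataclass(frozen=True)
class DevicePosture:  # hypothetical report from a device-management agent
    reported_at: datetime
    os_patched: bool
    disk_encrypted: bool
    jailbroken: bool

@dataclass(frozen=True)
class AccessRequest:  # hypothetical request shape
    user: str
    mfa_passed: bool
    on_office_network: bool  # recorded for audit; never used to grant trust
    sensitivity: str  # "public", "internal" or "client-confidential"
    posture: Optional[DevicePosture]

def decide(req: AccessRequest, now: datetime) -> tuple:
    """Return (decision, reason); anything not explicitly allowed is denied."""
    if not req.mfa_passed:
        return "deny", "mfa required"
    p = req.posture
    if p is None or now - p.reported_at > MAX_POSTURE_AGE:
        return "deny", "no fresh device posture"
    if p.jailbroken:
        return "deny", "device integrity compromised"
    healthy = p.os_patched and p.disk_encrypted
    if req.sensitivity == "public":
        return "allow", "public resource"
    if req.sensitivity == "internal":
        return ("allow" if healthy else "allow-read-only"), "internal resource"
    if req.sensitivity == "client-confidential" and healthy:
        return "allow", "healthy device"
    return "deny", "unhealthy device or unknown sensitivity label"

# Constructed sample data (not from any real system).
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
FRESH_OK = DevicePosture(NOW - timedelta(minutes=2), True, True, False)
STALE_OK = DevicePosture(NOW - timedelta(hours=1), True, True, False)
UNPATCHED = DevicePosture(NOW - timedelta(minutes=2), False, True, False)

if __name__ == "__main__":
    print(decide(AccessRequest("bob", True, True, "client-confidential", STALE_OK), NOW))
```

The request from inside the office with an hour-old posture report is refused, while an unpatched device is limited to read-only access to internal material and kept away from client-confidential data.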
Cyber Essentials +
Cyber Essentials is a simple but effective, Government-backed scheme that will help you to protect your firm against a whole range of the most common cyber-attacks and demonstrate your commitment to cyber security. It can reassure your clients that you are working to secure your IT against cyber-attack and can even help to attract new clients with the promise that you have cyber security measures in place. Cyber Essentials Plus keeps the trademark simplicity of approach of Cyber Essentials but includes a hands-on technical verification. However, it is worrying to read research by Law.com that found that 40% of the leading 50 U.K. law firms still didn’t have the highest level of cybersecurity accreditation offered by Cyber Essentials Plus.
The legal sector is a highly regulated industry where even a minor security flaw can have far-reaching consequences, and with COVID continuing to have an impact on remote working and working on the move, it is imperative that you give your firm ultimate protection in the face of ongoing cyber threats.