DirectorCYFOR Secure
Quotation Marks

Fortunately, alongside evolving risk, there are a number of cybersecurity measures those in the legal sector can prioritise to bolster their security posture for 2023.

Predictions for 2023: Cybersecurity in the legal sector

Predictions for 2023: Cybersecurity in the legal sector

Lawrence Perret-Hall reviews firms’ information security in 2023

Cybersecurity is a top concern for the legal sector. PWC’s Annual Law Firm Survey released in 2022 revealed that the industry is increasingly worried about cyber risk, especially as it becomes harder to insure against it. In fact, four in every five firms list cyber risk as a significant concern and many are hiring experts and dedicated teams to support the fight against the hacker. 

Fortunately, alongside evolving risk, there are a number of cybersecurity measures those in the legal sector can prioritise to bolster their security posture for 2023. Across the coming year, it’s crucial that proactive rather than reactive security remains front of mind – not only to make insurance more accessible, but also to best protect the legal workforce and their customers from the growing threat from cyber criminals. Below, I’ve listed my top 2023 cybersecurity predictions for law firms and outlined crucial guidance to improve cyber hygiene across the industry. 

Threats will evolve

First, the good news. At least for the beginning of 2023, conveyancing fraud is likely to slow. The price of mortgages is rising and less people are looking to move house in an uncertain economic climate. However, the bad news is that cybercriminals won’t simply accept a lack of successful breach attempts – cybercrime is a business and it’s often the livelihood of threat actors. Instead, they will look for other ways to exploit a vulnerable organisation. 

The insider threat will continue to pose a high risk

By the very nature of the work that lawyers do – primarily over email and involving sensitive data – the legal sector is highly vulnerable to phishing. It’s clear that this form of cybercrime has established itself as one of the most common ways hackers seek to infiltrate many industries. And these malicious emails are only likely to get more sophisticated in 2023. 

Considering 83 per cent of organisations fell victim to a phishing attack last year, the human element of cybersecurity – the ‘insider threat’ – must be considered by law firms. Regular cyber awareness training will help to encourage a ‘security first’ mindset across an entire firm, conducted little and often to ensure the importance of cybersecurity is translated into the day-to-day operations of employees. Additionally, phishing simulations can be an excellent way to improve user awareness of the types of risks their firm is exposed to. However, it’s also important that the results of any training and awareness programmes are analysed, with follow up support provided for staff who are struggling. 

Cyber insurance premiums will rise 

Cyber insurance premiums have risen exponentially over recent years. In the UK, premiums rose by  92 per cent in the final quarter of 2021 and, exacerbated by Russia’s invasion of Ukraine and the prospect of cyber warfare, this trend continued through 2022. It’s likely we’ll see cyber insurance as an issue discussed by boardrooms in 2023 as the market attempts to stabilise. 

For the legal sector, there’s opportunity for greater collaboration with security experts and cyber insurers to support this market stabilisation. This can incorporate more platforms for sharing knowledge or creating opportunities to advise and guide vulnerable organisations. However, this collaboration needs to start earlier. Currently, cybersecurity is too reactive; security experts, insurers and cyber lawyers are often on hand as soon as a breach occurs, but there is far less engagement before this event. This will need to change in 2023 if we’re to get ahead of threat actors.

Law firms will turn to external security experts 

For smaller firms with fewer IT and security staff, hiring a dedicated team of cyber experts to deliver regular staff awareness training, conduct phishing simulations and implement new processes and procedures to improve cyber hygiene may not be realistic. Many simply don’t have the resource or budget for this. Thus, it’s becoming increasingly necessary to work with a trusted security partner to bolster cyber resilience and ensure return on investment on cyber investment. In a year of intense budget scrutiny, working with security partners that can help to protect the highly sensitive data that legal firms hold will be crucial. 

Lawrence Perret-Hall is director at CYFOR Secure: cyforsecure.co.uk

AdvertisementAdvertisementAdvertisementAdvertisementAdvertisementAdvertisement
Latest News

Legal job numbers increase but applications decline

Fri Sep 29 2023

BARBRI candidates outperform SRA average by 13%

Fri Sep 29 2023

Justice delayed as thousands of cases wait more than two years to be heard

Thu Sep 28 2023

Solicitors warned over immigration services

Thu Sep 28 2023

New report highlights the transformative effects of domestic abuse training on family lawyers

Wed Sep 27 2023

Asylum seekers stranded on Diego Garcia win challenge against return to Sri Lanka

Wed Sep 27 2023

UN and coalition of NGOs write to Unilever to voice deep concern regarding victims of violence at Unilever tea plantation

Tue Sep 26 2023

Live Facial Recognition: How to Stay Within the Law

Tue Sep 26 2023

Ethics Institute launches taskforce to examine legal services to oligarchs and kleptocrats

Mon Sep 25 2023
FeaturedThe Law Society intervention ensures liberal approach to dealing with concurrent problems on legal aid
The Law Society intervention ensures liberal approach to dealing with concurrent problems on legal aid
Jeanne Kelly elected President of the British Irish Chamber of Commerce
Jeanne Kelly elected President of the British Irish Chamber of Commerce
Families continue to be victims of a broken justice system
Families continue to be victims of a broken justice system
Call for compensation scheme extension to help more abuse survivors
Call for compensation scheme extension to help more abuse survivors
SJ Interview: Hannah Ambrose
SJ Interview: Hannah Ambrose
Whose human rights are more important, yours or mine?
Whose human rights are more important, yours or mine?