Sign Up for our Free Newsletter
menu
Solicitors Journal Homepage
DirectorCYFOR Secure
Quotation Marks

Fortunately, alongside evolving risk, there are a number of cybersecurity measures those in the legal sector can prioritise to bolster their security posture for 2023.

Predictions for 2023: Cybersecurity in the legal sector

Fri Mar 17 2023Opinion
Predictions for 2023: Cybersecurity in the legal sector

Lawrence Perret-Hall reviews firms’ information security in 2023

Cybersecurity is a top concern for the legal sector. PWC’s Annual Law Firm Survey released in 2022 revealed that the industry is increasingly worried about cyber risk, especially as it becomes harder to insure against it. In fact, four in every five firms list cyber risk as a significant concern and many are hiring experts and dedicated teams to support the fight against the hacker. 

Fortunately, alongside evolving risk, there are a number of cybersecurity measures those in the legal sector can prioritise to bolster their security posture for 2023. Across the coming year, it’s crucial that proactive rather than reactive security remains front of mind – not only to make insurance more accessible, but also to best protect the legal workforce and their customers from the growing threat from cyber criminals. Below, I’ve listed my top 2023 cybersecurity predictions for law firms and outlined crucial guidance to improve cyber hygiene across the industry. 

Threats will evolve

First, the good news. At least for the beginning of 2023, conveyancing fraud is likely to slow. The price of mortgages is rising and less people are looking to move house in an uncertain economic climate. However, the bad news is that cybercriminals won’t simply accept a lack of successful breach attempts – cybercrime is a business and it’s often the livelihood of threat actors. Instead, they will look for other ways to exploit a vulnerable organisation. 

The insider threat will continue to pose a high risk

By the very nature of the work that lawyers do – primarily over email and involving sensitive data – the legal sector is highly vulnerable to phishing. It’s clear that this form of cybercrime has established itself as one of the most common ways hackers seek to infiltrate many industries. And these malicious emails are only likely to get more sophisticated in 2023. 

Considering 83 per cent of organisations fell victim to a phishing attack last year, the human element of cybersecurity – the ‘insider threat’ – must be considered by law firms. Regular cyber awareness training will help to encourage a ‘security first’ mindset across an entire firm, conducted little and often to ensure the importance of cybersecurity is translated into the day-to-day operations of employees. Additionally, phishing simulations can be an excellent way to improve user awareness of the types of risks their firm is exposed to. However, it’s also important that the results of any training and awareness programmes are analysed, with follow up support provided for staff who are struggling. 

Cyber insurance premiums will rise 

Cyber insurance premiums have risen exponentially over recent years. In the UK, premiums rose by  92 per cent in the final quarter of 2021 and, exacerbated by Russia’s invasion of Ukraine and the prospect of cyber warfare, this trend continued through 2022. It’s likely we’ll see cyber insurance as an issue discussed by boardrooms in 2023 as the market attempts to stabilise. 

For the legal sector, there’s opportunity for greater collaboration with security experts and cyber insurers to support this market stabilisation. This can incorporate more platforms for sharing knowledge or creating opportunities to advise and guide vulnerable organisations. However, this collaboration needs to start earlier. Currently, cybersecurity is too reactive; security experts, insurers and cyber lawyers are often on hand as soon as a breach occurs, but there is far less engagement before this event. This will need to change in 2023 if we’re to get ahead of threat actors.

Law firms will turn to external security experts 

For smaller firms with fewer IT and security staff, hiring a dedicated team of cyber experts to deliver regular staff awareness training, conduct phishing simulations and implement new processes and procedures to improve cyber hygiene may not be realistic. Many simply don’t have the resource or budget for this. Thus, it’s becoming increasingly necessary to work with a trusted security partner to bolster cyber resilience and ensure return on investment on cyber investment. In a year of intense budget scrutiny, working with security partners that can help to protect the highly sensitive data that legal firms hold will be crucial. 

Lawrence Perret-Hall is director at CYFOR Secure: cyforsecure.co.uk

AdvertisementAdvertisementAdvertisementAdvertisementAdvertisementAdvertisement
Latest News

Legal job numbers increase but applications decline

Fri Sep 29 2023

BARBRI candidates outperform SRA average by 13%

Fri Sep 29 2023

Justice delayed as thousands of cases wait more than two years to be heard

Thu Sep 28 2023

Solicitors warned over immigration services

Thu Sep 28 2023

New report highlights the transformative effects of domestic abuse training on family lawyers

Wed Sep 27 2023

Asylum seekers stranded on Diego Garcia win challenge against return to Sri Lanka

Wed Sep 27 2023

UN and coalition of NGOs write to Unilever to voice deep concern regarding victims of violence at Unilever tea plantation

Tue Sep 26 2023

Live Facial Recognition: How to Stay Within the Law

Tue Sep 26 2023

Ethics Institute launches taskforce to examine legal services to oligarchs and kleptocrats

Mon Sep 25 2023
FeaturedThe Law Society intervention ensures liberal approach to dealing with concurrent problems on legal aid
The Law Society intervention ensures liberal approach to dealing with concurrent problems on legal aid
NewsFri Sep 29 2023
The Law Society intervention ensures liberal approach to dealing with concurrent problems on legal aid
The High Court has today (29 September) handed down its judgment in R v Lawstop*, a judicial review case where the Law Society intervened.
Jeanne Kelly elected President of the British Irish Chamber of Commerce
Jeanne Kelly elected President of the British Irish Chamber of Commerce
NewsFri Sep 29 2023
Jeanne Kelly elected President of the British Irish Chamber of Commerce
Jeanne Kelly, one of the founding partners of Browne Jacobson’s Dublin offering was yesterday (Tuesday 26 September) announced as the new elected President of the British Irish Chamber of Commerce (BICC).
Families continue to be victims of a broken justice system
Families continue to be victims of a broken justice system
NewsFri Sep 29 2023
Families continue to be victims of a broken justice system
The continued delays in the family courts mean families are the victims of a broken justice system, the Law Society of England and Wales warned today (29 September).
Call for compensation scheme extension to help more abuse survivors
Call for compensation scheme extension to help more abuse survivors
NewsFri Sep 29 2023
Call for compensation scheme extension to help more abuse survivors
APIL is calling for victims of child sex crimes, such as online grooming and online child sexual abuse, to be eligible for damages from the Criminal Injuries Compensation Scheme (CICS).
SJ Interview: Hannah Ambrose
SJ Interview: Hannah Ambrose
SJ InterviewMon Sep 25 2023
SJ Interview: Hannah Ambrose
Hannah Ambrose is an international arbitration partner at Herbert Smith Freehills. She talks to Solicitors Journal about her practice and the Law Commission's recent proposals to update the Arbitration Act 1996.
Whose human rights are more important, yours or mine?
Whose human rights are more important, yours or mine?
ForewordFri Sep 08 2023
Whose human rights are more important, yours or mine?

Under the law, should your right to express your opinion – be it on politics, the environment, abortion, or anything else – trump my right to go about my business unhindered, whether or not I happen to agree with your opinion?