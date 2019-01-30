|
New Study on Cybersecurity Preparedness Finds Less Than Half of Law Firms Implement Top-weighted Protocols
LOGICFORCE
a leading legal IT consultancy, today released the results of its most
recent Law Firm Cybersecurity Scorecard, a periodic study designed to
assess cybersecurity preparedness across the legal industry and educate
law firms on data protection best practices.
Results of the study indicate that law firms are increasingly investing
in cybersecurity programs, but most law firms are not implementing many
of the protocols that will comprehensively protect them and their
clients over time. Many firms' clients and potential clients are not shy
about demanding secure data practices. Fifty-four percent of law firms
report being audited by one or more clients at least once - a 13%
increase since the last scorecard.
"The 2018 Cybersecurity Scorecard findings show that while cybersecurity
preparedness in the legal industry has improved since our last
scorecard, law firms must adopt more effective cybersecurity measures to
protect themselves and their clients," said Gulam Zade, partner and
general counsel at LOGICFORCE. "Comprehensive cybersecurity protocols
are imperative to preserving client trust, protecting the most sensitive
data and, ultimately, allowing law firms to differentiate themselves as
legal services providers."
Key findings include:
Most law firms aren't implementing top-weighted cybersecurity
protocols.
Less than half of law firms are iplementing some of the top-weighted
cybersecurity protocols - these being multi factor authentication (47%),
3rd party risk assessment (37%), having the proper security executive
(34%), and SOC monitoring (24%).
Many law firms don't have formal measures in place to keep their data
secure.
Most law firms are investing in certain cybersecurity measures, such as
penetration and vulnerability testing (88%) and have some sort of
password management tool in place (99%). However, fewer law firms are
investing in more formal cybersecurity areas. For example, 36% of firms
do not have cybersecurity insurance, 45% of firms do not have formal
cybersecurity policies, and 46% do not have cybersecurity training
formally documented.
The majority of law firms require better cybersecurity management.
Currently, most (67%) law firms place the responsibilities for
implementing and managing cybersecurity policies on either IT Directors
or Managers or some other non-IT executive at the firm. Roughly 1 in 3
(34%) firms leave these responsibilities to personnel who have
specialized knowledge on cybersecurity, such as a Chief Information
Security Officer or an Information Security Manager.
To access the full report, please visit https://www.logicforce.com/scorecard/.
Survey Methodology
The information in this study is a compilation of critical data points
determined by LOGICFORCE and gathered through client surveys, the firm's
proprietary SYNTHESIS E-IT SECURE® assessments, and market research.
LOGICFORCE commissioned a survey to determine the cybersecurity
policies, practices, and tools that are currently being implemented at
law firms and assessed more than 200 IT decision makers across small and
medium-sized law firms (20-200 attorneys) located throughout the United
States.
About LOGICFORCE:
LOGICFORCE is a technology consulting firm that improves the
profitability and operations of law firms through the strategic
application of technology. The firm's specialties include IT
optimization, eDiscovery, document review, cyber security and digital
forensics. Since 1995, LOGICFORCE has worked with hundreds of law firms
across the country to ensure improved security and productivity within
their legal business. To learn more about LOGICFORCE, visit www.logicforce.com.
