Cyberattacks: are law firms ready for disruption?

A significant cyberattack in 2017 brought company-wide disruption for a leading law firm and raised a question: are law firms prepared for a business outage, and how would they service clients’ requirements? 

A survey, conducted by The Instant Group Sandpiper Partners (a legal consultancy firm), looked into the risk of business continuity for law firms in light of disruptive events, such as 2017’s cyberattack.  The majority of firms seemed confident that the necessary business processes were in place, but their responses also hinted at the lack of consistency in approach to BCP and many procedures remain untested. The research discovered that a large proportion of those asked were dependent on remote working and cloud IT processes in the instance of an outage. This leaves firms open to risk and hinders the ability of a firm to bring its key client leads together to plan next steps and service client requirements.

 The biggest threats 
The research found that 71% see a data breach or cyberattack as the biggest threat with technology disruption replacement being the greatest priority (78%).The effects from any outages are said to be revenue loss, inaccessible or lost data and impact on reputation. With this in mind, we found that 98% of firms claim to have a BCP in place with the top concern being IT functionality. 

Uncontrollable issues
Whilst there has been significant focus on cyberattacks, there is also an overriding threat of natural disasters in many locations across the globe.  In the last 12 months, Hurricane Harvey left nearly 250,000 people without power outages, inclusive of commercial property, leaving many unable to work at all. In particular, many firms’ plans are dependent on remote working and IT processes that have, in several recent cases, been put at risk during natural disasters or acts of terrorism.

The full report 
The report delves deeper into the implications of cybersecurity, the challenges of working during a natural disaster and how long you should be without your office for as well as what law firms have learnt from regular testing. There are several key areas for consideration across workspace, IT and HR that all need to be addressed within the context of business continuity planning. Understanding how to coordinate the approach across these business areas is fundamental to a firm’s ability to minimise the disruption caused by a business outage of any size. An underlying learning is the need to be adaptive and flexible in response.  The full report can be downloaded here.

Blog

• Catalonia - arrest warrants issued for deposed government members
• Clifford Chance’s SPARK Scheme: How can it help you to secure a training contract early on?
• Gender pay gap at the top - women paid around £12,000 less
• Robert Mugabe resigns after a 37 year rule
• "The Gender Pay Gap Is A Continuing Reality"