I have been engaging with legal sector clients for a number of years around security and there has always been, like many other sectors, a shortage in skills and resources available.
It is well known that law firms have access to and store disproportionate amounts of sensitive data compared to businesses of similar size, and this point alone makes firms an attractive target for hackers.
In recent years we have seen the threat landscape evolve tremendously, and the attacks are far more sophisticated and well funded. Consequently, the industry is shifting its investments in search of more mature security solutions such as SIEM.
However, given the risk a potential breach poses for a law firm (just look at Mossack Fonseca), I find through my engagements that the sector has been slow to adopt more mature security solutions. There are some underlying reasons behind the slow adoption, but I believe a major reason is the shortage of skills. SIEM starts with broad and deep visibility of the infrastructure, and with this type of visibility comes lots of information. When an abnormal event occurs, you will typically require someone to investigate and qualify whether the alert poses a genuine risk to the business. Therefore, I often see firms believe an investment in SIEM is not only in technology but also in staff.
While in some SIEM cases this is true, LogRhythm is helping businesses overcome resource challenges through risk prioritization, streamlined workflows and automation.
And if you quite simply do not have the resources to manage a SIEM, we partner with many professional managed service providers to take on your SIEM challenges.
If you find yourself in a similar situation, I would encourage you to download our brochure "How to build a SOC with Limited Resources", which will provide you with a benchmark of ideas.
Although firms may have the best intentions, it’s extraordinarily difficult to stay on top of cybersecurity. Recruiting talented people with the right skills and experience is a major challenge. It’s common now for major firms to appoint a chief information security officer (CISO), but finding people to staff an entire team that understands the issues facing that particular organisation remains a challenge at all levels. After that, there’s the problem of keeping them updated in their field. Skills in this area can very quickly become obsolete if they aren’t constantly kept up to date.