I have been engaging with legal sector clients for a number of years around security and there has always been, like many other sectors, a shortage in skills and resources available. 

It is well known that law firms have access to and store disproportionate amounts of sensitive data compared to businesses of similar size, and this point alone makes firms an attractive target for hackers.

In recent years we have seen the threat landscape evolve tremendously and the attacks are far more sophisticated and well funded. Subsequently, the industry is shifting its investments in search for more mature security solutions such as SIEM.  

However, given the risk a potential breach poses for a law firm (just look at Mossack Fonseca), I find through my engagements that the sector has been slow to adopt maturer security solutions. There are some underlying reasons behind the slow adoption but I believe a major reason is the shortage of skills. SIEM starts with broad and deep visibility of the infrastructure and with this type of visibility comes lots of information. When an abnormal event occurs, typically you will require someone to investigate and qualify if the alert poses a genuine risk to the business. Therefore I often see firms believe an investment in SIEM is not only in technology but also staff.

While in some SIEM cases this is true, LogRhythm is helping businesses overcome resource challenges through risk prioritization, streamlined workflows and automation.

And if you quite simply do not have the resources to manage a SIEM, we partner with many professional managed service providers to take on your SIEM challenges.  

If you find yourself in a similar situation, I would encourage you to download our brochure "How to build a SOC with Limited Resources", which will provide you with a benchmark of ideas.