A new report from PwC indicates that a significant proportion of security incidents in the legal sector are phishing-based. The article below highlights the importance of a more proactive approach.
The days of organisations in any sector being able to implement a security product and forget about it are long gone, but what constitutes a proactive approach?
Well, it starts with knowing what is actually going on within your environment. Visibility means a great deal. Beyond that, automation is key when dealing with phishing - most organisations just do not have the time to spend on manually investigating suspicious email, so why not let the technology do that for you? Our SOC reduced their time to investigate a phishing email from 45 mins to less than five through automation.
It just goes to show, you don't need an army of security analysts to improve your security. Be proactive, understand where your risks are, and automate wherever possible.
PwC’s 2017 Law Firm survey found that the most common security incidents were phishing attacks: 12% of firms faced phishing attacks on a daily basis, and a further 30% identified such attacks on either a weekly or monthly basis. It is this human element that often leads firms to overestimate the strength of their defences. As a rule, people will always take shortcuts to make their jobs easier – and good security can often be a casualty of the race for efficiency. When any employee can jeopardise your firm’s security with a single careless mouse-click, it should be clear that mitigating information security risks is about far more than implementing processes, and installing antivirus and anti-malware programs. A more proactive approach is needed.