Are Law Firms Prepared When It Comes to Data Breaches? Here’s Why You Need to Worry

A significant cyberattack in 2017 brought company-wide disruption for a leading law-firm and raised the question of whether law firms are prepared for a business outage and how would they service clients’ requirements?

The Instant Group and Sandpiper Partners conducted a survey to delve into the risk of business continuity for law firms in light of disruptive events, such as 2017’s cyberattack.

The majority of firms seemed confident that the necessary business processes were in place, but their responses also hinted at the lack of consistency in approach to BCP and many procedures remain untested.

The research discovered that a large proportion of those asked were dependent on remote working and cloud IT processes in the instance of an outage. This leaves firms open to risk and hinder the ability of a firm to bring its key client leads together to plan next steps and service client requirements.

The biggest threats

Instant’s research found that 71% see a data breach or cyberattack as the biggest threat with technology disruption replacement being the greatest priority (78%).The effects from any outages are said to be; revenue loss, inaccessible or lost data and reputational impact. With this in mind, we found that 98% of firms claim to have a BCP in place with the top concern being IT functionality.

The issues you can’t control…

Whilst there has been significant focus on cyberattacks, there is also an overriding threat of natural disasters in many locations across the globe.

In the last 12 months we have seen Hurricane Harvey leave nearly 250,000 people without power outages, inclusive of commercial property, leaving many unable to work at all.

In particular many firms’ plans are dependent on remote working and IT processes that have, in several recent cases, been put at risk during natural disasters or acts of terrorism.

The report delves deeper into the implications of cyber security, the challenges of working during a natural disaster and how long you should be without your office for as well as what law firms have learnt from regular testing.

There are several key areas for consideration across workspace, IT and HR that all need to be addressed within the context of business continuity planning. Understanding how to co-ordinate the approach across these business areas is fundamental to a firm’s ability to minimize the disruption caused by a business outage of any size. An underlying learning is the need to be adaptive and flexible in response.

Their unique research assesses these different areas of co-ordination and also includes information from experts on issues such as cyber-attacks and other future threats to business continuity.

(Source: The Instant Group)