Posted on October 17, 2019 by Katherine Riley, CISA, CISM
One recent study estimated that a cyber-attack occurs every 39 seconds, which underscores the need of every business in America to be prepared for the possibility that their network security will eventually be tested if not breached. For law firms, the risk is even more severe. As of 2017, around 20% of all U.S. based law firms had been hacked. By early 2019, that percentage had risen to an alarming 25%.
And yet severe as the risk of security breach is, fewer than half of all law firms in the US have an adequate incident response plan in place, and less than a third of those firms with plans have undertaken any testing to ensure their preparedness in case of an attack. The lack of planning and testing only increases the dangers law firms face.