How legal firms can stay on the front foot of digital transformation
Businesses in every sector have been heavily impacted and permanently altered by the COVID-19 crisis, writes Brett Raphael.
The CrowdStrike Asia Pacific and Japan (APJ) State of Cybersecurity Survey uncovered the true extent of these changes, with 44 percent of Australian business leaders reporting COVID-19 has accelerated their move to cloud solutions and 82 per cent saying it changed the way they interact or deliver products and services to customers.
The legal sector is no exception. Law firms have seen digital transformation rapidly accelerate as they battle to transform their operations to support mass remote-working arrangements for staff, while continuing to retain and attract clients.
There is no sign of this trend slowing for law firms. Despite a grim economic outlook, 41 per cent of Australian business leaders expect technology budgets to increase. The focus of that investment is split across multiple priorities as firms aim to cement and enhance the gains made from digital transformation. However, more than half (56 per cent) of business leaders believe that cyber security is the top priority for additional investment.
This demonstrates that leaders are understanding the increasing and evolving cyber risks in a rapidly changing world. These include cyber criminal groups using social engineering techniques to leverage the public’s fear of COVID-19 and targeting new SaaS and cloud-based remote services to access an organisation’s data, with e-criminals attempting to mimic official business communications for financial gain.
CrowdStrike Intelligence has been observing the increasing sophistication of criminal organisations on a daily basis and as the pandemic and subsequent economic crisis continue to develop organisations will require a clear and comprehensive response.
Revise your security program to support a hybrid workforce
With hybrid working now likely to be a permanent feature in most organisations, cyber security programs need to be considered in detail. Australian business leaders identify their remote workforce as the top cybe security challenge in the next 18 months, with almost half (47 per cent) putting this ahead of new regulation (31 per cent) and costs of compliance (42 per cent).
Respondents were also concerned about an increase in remote working from home in the next six months putting their company (52 per cent) at more risk of a cyber attack.
Given this clear risk, ensuring law firm security programs and practices are revised to support a workforce spread not just across offices and homes, but across the country – from regional towns to inner-city cafes – is vital.
Transparent communication on COVID-19 and trending themed malware
As lawyers are particularly aware, knowledge is power, and the same principle applies to cyber security. Knowing what the latest threats are, is the first step towards protecting an organisation from them.
In Australia, 40 percent of business leaders don’t receive communications about COVID-19 themed malware threats, slightly above the regional average of 36 per cent. Ensuring your firm or company receives relevant and timely information is vital in identifying new risks and mitigating them before they have the potential to damage your firm or client.
Cloud-native solutions for security and collaboration
With fewer than half (48 per cent) of Australian business leaders reporting they had changed their cyber security plan as a result of COVID-19, the need to implement responsive solutions is clear.
Choosing a cloud-native platform means law firms can take advantage of the scalability and cost-effectiveness of the cloud, while updating the solution easily on a variety of devices across a remote workforce.
Employee hygiene training
The move to remote or hybrid working looks set to be a permanent one, with 82 per cent of business leaders expecting this model to continue. This has the natural impact of lawyers using their own devices, and working from a variety of locations, particularly as local lockdowns lift.
Law firms must ensure all staff are aware of the cyber security risks, and how to mitigate and combat them. Regular training, which acknowledges recent changes and anticipated threats, should be provided to reduce the risk of human error undermining processes and products.
With law firms already facing a raft of challenges in the new COVID-world, cyber security should be not added to the list. By acknowledging the risks, being educated on existing and upcoming threats, and taking action to confront them, the legal sector can safely navigate through a tentative recovery.
Brett Raphael is the managing director, Australia & New Zealand at CrowdStrike.