Cyber threats are getting smarter. Law firms must step up their breach responses

Speaking with Lawyers Weekly after her panel session at RelFest Sydney, Hannah Woodruff, director of product management at Relativity, emphasised that law firms are confronting a sustained surge in cyber incidents.

“We continue to see an increase in, unfortunately, the number of incidents that are happening. We see this globally, but also in the Australian region, of course, as well,” she said.

She explained that the surge is driven not just by the sheer volume of data firms generate, but by its growing complexity and sensitivity, making it an increasingly attractive target for attackers zeroing in on the information where a breach inflicts the greatest damage.

“Which is really your credit cards, your passports, your driver’s license, the information that’s going to be really painful when you lose it,” she said.

Due to this shift, she observed how it is forcing law firms to rethink their breach response strategies, as surging data volumes and complexity push them towards greater reliance on AI for high-volume work.

“We’re definitely seeing an increase in law firms and service providers having to use AI for the volume work and then use human review for ambiguity, for edge cases, for things where we as humans can use our judgement and get the help from AI to give you kind of a place to start,” she said.

VIEW ALL

Critical early understanding of obligations

As data attacks surge in scale and sophistication, firms are being forced to shift to faster, more proactive and agile incident response strategies to stay ahead of increasingly complex, coordinated cyber threats reshaping the risk landscape.

One of the key steps Woodruff recommended for law firms is establishing a clear, early understanding of regulatory obligations and notification requirements as soon as a breach is suspected.

“Having a really good understanding of the obligations and the regulatory notice windows and what type of data might be contained in that data set that’s potentially been breached,” she said.

She pointed out the importance of quickly identifying what types of data may be contained in a compromised dataset, noting that obligations can “really vary” between firms depending on the sensitivity and nature of the information involved.

Through an early-stage assessment, Woodruff explained, firms can quickly identify where the riskiest data sits, sharpening their ability to pinpoint exposure and strengthening the initial analysis of potentially compromised files.

“Getting that early understanding, of course, I think that helps, number one, the corporations have a good understanding of where the riskiest data sits. That can help so much from what we’ve heard, the initial analysis of your files to know if there could be risky data in there,” she said.

“Then of course, I think the expertise from the lawyers and law firms that determine whether notification is needed really comes into play.

“That’s where, typically, a partner would potentially get involved, or a lawyer might engage RelativityOne directly to be using our platform to help expedite the process of identifying who to notify.”

The benefits of systems like Relativity in this space

In response to escalating client and public expectations for faster, more efficient data breach response, law firms are under mounting pressure to build the capability and readiness needed to deliver at speed.

Woodruff expressed that this shift is prompting many law firms to adopt more efficient systems for identifying impacted data and assessing risk exposure, including solutions such as those offered by Relativity.

By taking this proactive approach, she highlighted how a unified platform delivers significant time and cost savings by consolidating data and creating a centralised list of individuals.

“I think there are a few, I think the biggest one is the time and cost savings from having the data being brought into the platform and having that consolidated list of individuals,” she said.

Referencing a case study, she noted that customers using Relativity’s AI-powered solution, aiR for Data Breach Response, were able to achieve around 60 per cent in time savings by consolidating all their data into a single platform.

What trends will shape the future?

Looking ahead, Woodruff highlighted the rapid growth of unstructured data as one of the most significant trends set to reshape the sector, noting that it is creating new challenges for breach response teams.

“We’re continuing to see an increase in unstructured data. So data that is not formatted in a way that is easily understandable,” she said.

To tackle this challenge, she pointed to Relativity’s cutting-edge work with vision-based AI models that can now interpret and extract information from images and handwritten documents – tasks that once required time-consuming manual review.

“That’s an area where I’m personally really excited. We are currently in advanced access for vision models, which it’s basically using images and taking images and handwritten documents,” she said.

“It’s able to take the native form of that document and identify and extract the right information, which was previously something that had to fully be done manually.”

She added: “I think just from a trends perspective, continuing to see the growth in unstructured data, that’s where the importance of leveraging GenAI to do that and leveraging our aiR product suite is going to be really important.”