find the latest legal job
Banking Associate - 1-6PQE - Allen & Overy
Category: Banking and Finance Law | Location: United Kingdom
· Banking Associate - 1-6 PQE - Allen & Overy
View details
Academic Dean and Head of School of the TC Beirne School of Law
Category: Other | Location: Brisbane QLD 4000
· An outstanding opportunity · Provide educational, research and organisational leadership
View details
Senior Property Lawyer I Commercial Litigator
Category: Property Law | Location: Arncliffe NSW 2205
· Rapidly growing law firm, working with a highly experienced team in a high growth industry across all areas of property and strata law
View details
Senior Property Lawyer I Commercial Litigator
Category: Property Law | Location: All Sydney NSW
· Rapidly growing law firm, working with a highly experienced team in a high growth industry across all areas of property and strata law
View details
Senior Property Lawyer I Commercial Litigator
Category: Property Law | Location: Sydney NSW 2000
· Rapidly growing law firm, working with a highly experienced team in a high growth industry across all areas of property and strata law
View details
Cyber space a 'double-edged sword' for firms

Cyber space a 'double-edged sword' for firms


The cyber space presents unique opportunities for Australian firms aspiring to be at the forefront of the profession, but it also poses significant threats to those who do not comply properly.

Speaking to Lawyers Weekly, Aaron Sharp, senior security consultant at Verizon Enterprise Solutions – Asia Pacific, said heightened discussion around cyber security is prompting more firms to get involved in this space than ever before.

“I think there are a couple of things driving the discussion around cyber security in the legal industry, particularly within the local market,” Mr Sharp said.

“There have been some pretty well-publicised breaches that have either directly or indirectly involved law firms that have got the attention of local firms as they’re considering what impacts that might have on them.

“Similarly, I’ve seen a lot of activity around the cyber insurance market, so law firms that are involved in providing advice and services within that ecosystem are taking a lot of interest in cyber security.”

Mr Sharp said this interest in the cyber space presents both opportunities and challenges to law firms.

“It’s a double-edged sword,” he said.

“As more businesses embrace digital processes, trying to drive efficiencies and move from paper records to digital records, all of a sudden they’re opening themselves up for potential attacks.

“[However] as much as I see that as a challenge, I also think it’s an opportunity for law firms, who are in many ways trusted advisers, to get on the front foot of this and help clients through that process.”

Mr Sharp said a big opportunity for lawyers is to upskill themselves in cyber threats, noting that this will help protect themselves, their firms and their clients from key risks.

“If you think about some of the data lawyers are entrusted with, it's pretty far-ranging. It could be everything from intellectual property type of information, sensitive financial data, and in some cases even clients' funds in the forms of escrow accounts and what not,” he said.

“All of these different types of data have value for different threats. You could have espionage-type motivations to steal intellectual property, or straight monetary theft of trying to steal client funds.

“So I think law firms need to be very cognisant of the type of data they’re handling, ask themselves how sensitive it is, and really what they're doing at the end of the day to protect that data.”

Mr Sharp noted firms that don’t place an emphasis on cyber security could be dealt some serious consequences.

“A well-known Japanese entertainment company had a big breach a while back and in that breach there was a lot of customer data that was divulged. While it wasn't the law firm involved that actually breached, they are associated with that and their name is now out there,” he said.

“Similarly, some time back there was a well-known mining company who were negotiating contracts for resources and had their sensitive financial information stolen via the law firm that was advising them at the time.

“[Therefore] you can see these different scenarios, whether it’s in a merger and acquisition environment, an IPO type of environment or intellectual property, the impact on the law firm can be quite bad in terms of reputational damage. Even if [the firm] is just associated with it, unfortunately there can be collateral damage as well.”

Despite the risks, Mr Sharp reiterated that there is a big opportunity for law firms to get more involved in the cyber space.

“I do think that there is a big market opportunity for law firms amongst other players, particularly around cyber insurance, to be at the forefront of advice,” he said.

“I know a lot of law firms are being appointed by cyber insurers as breach coaches and whatnot, so I think that's the message I try to give: yes, there are things that you need to be careful of, but with every risk there's an opportunity as well.”

A recent investigation by Verizon found there has been a significant increase in law firms being globally targeted for cyber attacks.

Commenting on the findings, Mr Sharp said Verizon has been able to identify key factors that firms should keep an eye on to avoid these threats.

“Specifically there were two tell-tale signs [of cyber attacks]. One was around unusual remote access and the other was unusual email activity, so an increase in volumes, more emails being forwarded to external email domains,” he said.

“While they're not the only things law firms can do, based on what we're seeing in the attacks that are happening, focusing on those two areas by implementing strong verification [models] and limiting VPNs to only single remote sessions is a good pragmatic step.

“Similarly, with the email side of things, having restrictions around forwarding emails.”

Outside of this, it’s important for all law firms to have strong security measures in place, Mr Sharp said.

“Be prepared, make sure you've got a response plan in place and that you practise that in the case of a breach. Make sure that you're doing the basics in terms of catching and managing vulnerabilities within your environment and make sure you really know what data you're holding and what the classifications and the sensitivity of that data are,” he said.

“The level of protection you want to put around one type of data may differ to a different type, so really start to understand that data and manage that data well.

“The other thing is managing your third-party suppliers. Many breaches we see are via third-party suppliers, so making sure you have good scrutiny over them in supplier chains will go a long way in helping you prevent and detect any breaches that may occur.”

Chris Novak, director of investigative response at Verizon, will be one of the key speakers at Lawyers Weekly’s inaugural Future Forum, kicking off in Sydney on 9 November and Melbourne on 11 November.

The Future Forum is an event designed for lawyers who want to stay at the cutting edge of technological change and business innovation.

To learn more about the event or to register, click here.

Like this story? Read more:

Book commemorates diamond milestone for WA law society

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

Cyber space a 'double-edged sword' for firms
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Gavel, legal book, criminal lawyers
Jan 19 2018
Three criminal lawyers named NSW magistrates
The NSW Attorney-General has announced the appointment of three new local court magistrates. ...
Jan 18 2018
Lawyer highlights ‘unintended consequences’ on SSM estate planning
A succession lawyer has warned that the right for same-sex couples to legally marry could have a sub...
drug rehabilitation services available in rural and remote communities
Jan 18 2018
ALS survey shines spotlight on insufficient rehabilitation services
A new survey posted by the Aboriginal Legal Service (NSW/ACT) has revealed an alarming insight into ...
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...