Goodbye job applications, hello dream career
Seize control of your career and design the future you deserve with LW career

1 in 2 Aussie law firms not ready to handle a cyber incident

A study by Australia’s peak legal practice management body and a prominent cyber security firm has revealed the level of cyber threat being faced by law firms. Spoiler: it’s a lot.

user iconDavid Hollingworth 13 September 2023 SME Law
expand image

Editor’s note: This story originally appeared on Lawyers Weekly’s sister brand, Cyber Security Connect.

The study was conducted by the Australasian Legal Practice Management Association (ALPMA) in conjunction with AUCloud. One of its most alarming findings was that more than 50 per cent of all law firms polled – the survey spoke to 85 law firms – feel they are not ready to handle a cyber incident.

Another 19 per cent of firms said they were not doing enough to keep themselves safe in the current threat environment.


And this data seems to be based on hard-won experience, with 14 per cent of firms reporting they have been victims of an attempt at a cyber attack.

This is despite 47 per cent employing dedicated cyber security staff.

However, many firms still feel a lack of “employee awareness and training” is holding them back. Preparedness is a big issue, it seems; 34 per cent of firms don’t have a written response plan, while 31 per cent of those that do have only an incomplete one.

Law firms have seen the full gamut of cyber attacks, from phishing attempts, malware intrusions, distributed denial-of-service (DDoS) attacks, and even insider threats on the industry’s radar.

Peter Maloney, chief executive of AUCloud, said that while readiness may not be where it should be, the majority of firms are at least aware that it is a growing threat.

“Cyber crime is, unfortunately, the biggest threat to Australian business and is one of our fastest-growing industries globally, and it has no prejudice,” Maloney said in a statement.

“The Australian legal industry is aware of this risk and is seeking external assistance, with 85 per cent of survey respondents using external IT support.”

“Australia is one of the most (cyber) attacked countries in the world because of our significant economic position, strategic geopolitical position, and advanced technological infrastructure,” Maloney said.

Emma Elliott, CEO of ALPMA, sees the results of the report as a wake-up call for the industry.

“Our members vary in size from those with sophisticated cyber security infrastructure and systems in place to those who simply do not have the internal human resources to keep up with the changing face of cyber attacks, and therefore rely on external parties to help to protect themselves and their clients’ information,” Elliott said.

“Cyber security is an ongoing and very real threat to our members and their firms. That’s why our association is partnering with industry experts to provide further education, support, and guidance in how to be more prepared.”