Data access v security tips #2: Cyber risks facing your law firm in the new world


We’re continuing our ‘Data access v security tips’ blog series with an overview of the reasons to strengthen your data security and costs of poor cybersecurity measures to your business including a comparison of the ‘old world’ versus ‘new world’ to demonstrate the increasingly sophisticated nature of cybercrime.


With great flexibility comes great responsibility

All this new-found flexibility for your law firm comes with one big problem: security. And if your security isn’t completely watertight, then an increase in accessibility will likely be matched by an increase in people trying to access your data illegally.

Why? Because data is the new oil. It’s your most valuable asset.

Why you need security

  • To protect your assets. In the event of an attack, your intellectual property can be compromised. This simply isn’t worth the risk.
  • To protect your clients. If you’re at risk, then so is the confidentiality of your clients. Their data is in your hands.
  • To meet legal requirements. Data protection laws must be followed. Not doing so can cause irreparable reputational damage, even if you don’t get attacked.
  • To lower the insurance risk. The more secure you are, the lower your risk of attack, which in turn means lower insurance costs.
  • To protect your money. Your law firm could be handling vast sums of money in your office and client accounts, making you a tempting target for criminals.

Enjoy the benefits of access on the go whilst ensuring data security

There can be no successful digital transformation without effective security transformation too. Cyber has become the biggest risk for many law firms and managing it smartly is imperative to long-term profitability.

It’s a well-known myth within the legal industry that implementing better security will slow down your digital transformation. But the opposite is true. If you introduce the right security features earlier in the process, then your transformation will be quicker in the long run.

The cost of poor cybersecurity

The total amount of data stored in the cloud will reach 100 zettabytes by 2025. That will be 50% of the world’s data at that time.
Source: Cybersecurity Ventures

On average the total cost for a data breach is $4.35 million.
Source: IBM


The old world v the new world

The landscape for defence has changed just as much as it has for attack. Even just 5-10 years ago, the number of malicious groups was relatively small and they were limited to attacking large government institutions. But now, it’s completely different. There are a growing number of groups and individuals, all with the time and the technology to target even the most prepared or unsuspecting of law firms.

In the old world, you could afford to take your time when it came to security. In the new world, you can’t. You need to act now.

Why act now?

Old world

  • Limited number of highly advanced attackers
  • Nation-state level resources required
  • Targeting governments and critical infrastructure
  • Cyber-espionage focus

New world

  • Numerous well-funded organisations of attackers
  • “Commercial” threat actors
  • Broad knowledge of advanced tactics, techniques, and procedures (TTPs), exploits and tooling
  • Targeting enterprises of all sizes and sectors
  • Financial gain, business disruption focus and data monetisation

Did you know?

In 2020, the World Economic Forum predicted that cybercrime damages could be as high as $6 trillion. That’s equivalent to the GDP of the world’s third largest economy.
Source: WEF



Quill Data Security v Data Accessibility eBook

Want to read our earlier blog in this series? Access ‘Data access v security tips #1: The time is NOW to strike the right balance between access and security‘.