Mark Stevens is the vice president of Global Services at Digital Guardian, a Waltham-based cybersecurity firm that provide a security platform purpose built to stop data theft. he wrote this commentary for the Boston Business Journal relating to Boston law firms – but the comments apply to law firms in most cities.
Concerns about data security have never been higher, as an ominous drumbeat of high-profile data breaches are reported with alarming regularity. Cyber criminals are looking for any way to access sensitive data about companies and individuals alike, and have found that law firms are ripe targets for cyber attacks. In fact, the New York Times Dealbook recently published a story about Citigroup’s finding that major U.S. law firms are frequently experiencing data breaches, yet rarely disclose those events publicly.
As Citigroup notes, law firms are attractive targets because they regularly access and store sensitive client data as part of their day-to-day operations. So what’s the risk for Boston-based law firms?
The 10 largest intellectual property (IP) law firms in Boston filed 17,314 patents for clients in 2014, and that represents a tremendous amount of business value. In 2014, New England In-House reported 78 deals totaling $11.3 billion in merger and acquisition activity in the region in a single quarter. Boston’s own Ropes & Gray handled seven of those deals with an estimated value of $6.2 billion.
Local companies are entrusting some of their most important business information to their attorneys in growing numbers. The Citigroup report also found that data security measures employed by large law firms throughout the country often lag behind other industries that are commonly targeted in cyber attacks.
Other research indicates that these attacks are certainly increasing. Cisco’s 2015 Annual Security Report named law firms as the seventh-highest target for cyber criminals last year. 2015 was the first year that the legal industry made the top 10 most targeted verticals in Cisco’s report, indicating a nearly 50 percent year-over-year increase in the likelihood that law firms would encounter cyber attacks.
[table id=9 /]