The Perimeter is Not Enough
Posted by mbird on Wed, 03/05/2017 - 09:27
A lot can happen in seven hours. You can fly from London to New York, binge-watch half a season of Suits, drive from LA to San Francisco (California traffic allowing!) or even simply get a good night’s sleep. If all that can happen in seven hours, imagine what can happen in seven days, seven weeks or seven months.
Especially in your network.
At the recent British Legal Technology Forum, it was highlighted that, on average, a breach in the legal sector takes seven months to be detected. That’s seven months before you even realise hackers have had access to your network and data, and potentially still do.
Cyber criminal gangs see the value in the data held and managed by legal firms for their clients – and the legal firms are a softer target than their clients themselves. With this threat landscape, the prevailing view among technology experts, including those here at Vanix, is that it’s not a matter of ‘if’ your legal firm will be compromised, but whether it already has and, if not, when it will be.
While it is vital to ensure your edge security – firewalls, email security and mobile – is effective, top legal firms are now looking beyond this and implementing a security fabric across their entire infrastructure.
Our top five key areas to consider when planning your cyber strategy are:
A robust and effective perimeter is the first step in building your security fabric. Next gen firewalls, email security, and mobility, wireless and remote solutions are vital in ensuring known threats are kept out of your network. Getting value from your perimeter security is the first step in freeing up budget to spend on your wider security portfolio.
2. Specific and Targeted Defence
Legal firms are at risk from specific and targeted threats. Ransomware can be used to hold your vital data to ransom and DDoS attacks can bring your entire network down. Having tools in place to protect your network from these targeted threats is the next step in building your security portfolio.
3. Shadow IT
The weakest link in any network security fabric is people. Employees are not only a risk when they click links in emails or connect devices to the network. They also put your infrastructure at risk with ‘Shadow IT’ – systems and solutions used inside your organisation which have not been sanctioned and deployed by the IT department. Legal firms must have solutions in place to ensure employee behaviour is not putting your clients’ data at risk, especially with the prevalence of apps and cloud.
4. Improve Speed of Response
Implement Security Incident and Event Management (SIEM) tools to help you detect, prevent and respond to security threats. Real-time analysis of security alerts will allow you to react quickly, and not be in the dark about security incidents for seven months.
5. Machine Learning and Predictive Solutions
Using network heuristics is one of the most advanced ways of protecting your network and infrastructure. These tools learn how your system runs and operates over time, so, when an anomaly occurs on your network, it will pick it up straight away and allow you to mitigate any threats through automated processes.
At Vanix, we are trusted by several top 10 law firms to work with them to build a robust security fabric, ensuring their clients’ high value data is protected. With not only your network, but your reputation at risk, can you afford not to talk to our experts about your cyber strategy?
Contact Nick Herne, Vanix's Legal Sector Account Manager, to find out how you can benefit from our vendor agnostic approach and industry-leading SLAs, with guaranteed response times as fast as fifteen minutes. That's a lot more effective than seven months.