When law firms need protection: let’s talk cyber

Friday, October 20, 2017
When law firms need protection: let’s talk cyber

Cyber attacks are now making the headlines on a daily basis and whether you’re a business handling confidential data or concerned with your own cyber health, having the right precautions in place to mitigate the risk of an attack has become a top business priority. 

Indeed, with the history’s biggest data breach being exposed only recently – with Yahoo admitting that all three billion of its accounts had been breached back in 2013; three times more than it original thought – anyone and everyone can become a victim of a breach.

Law firms are no exception to this. Indeed, as the keepers of commercially sensitive data including financial information as well as merger and acquisition negotiation details, they represent a lucrative target. It is no wonder that they are seeking to protect themselves from threat actors.  Not only in terms of protecting their own confidential information, but to ensure they don’t become a route for hackers to penetrate client IT systems.

For law firms, cyber security solution need to:

  • Reduce the time it takes to detect and resolve security incidents
    Making the process of moving from alert to investigation too complex can cause genuine security incidents to slip through the net. To prevent this from happening, the IT teams in law firms need security alerts with contextual information that allows the analyst to understand the threat and act on it as quickly as possible.
  • Correlate seeming unrelated network activity and behaviour
    Analytics need to automatically hunt for threats within the network, looking at the detailed metadata to ensure nothing is missed. With this capability, it is far easier for analysts to see anomalies simultaneously and therefore pinpoint anything suspicious that might at first appear unrelated.
  • Identify and stop targeted attacks when they are in their infancy
    Hackers have been known to dwell within the network for a significant amount of time before being identified and it is here where they do the most damage; such as command and control activity and lateral movement. With the ability to analyse metadata and spot this type of activity early on, the extent of damage done can reduced.

Protection in practice: DZP’s experience

It was for these reasons that Warsaw-based Domanski Zakrzewski Palinka (DZP) wanted to upgrade its traditional security solution to one that could better protect both its own data and systems and, in turn, those of its customers.  Highly reliant on digital technology for its operations, DZP recognised that a cyber attack – for example ransomware such as WannaCry and Petya – could bring its business to a standstill. 

In particular, DZP wanted to figure out how to simultaneously compare historical security activity on the network against real time data; as this would allow it to hunt for cyber threats and ensure its systems were protected.  In practice, this meant it needed to rapidly detect, investigate and resolve advanced attacks that took advantage of both known and unknown vulnerabilities. 

In Fidelis, DZP achieved a single integrated solution that enabled the firm to both see and respond to advanced attacks. This replaced a patchwork of systems, software and appliances that had to be purchased separately and strung together.  With many risk-adverse, global organisations taking advantage of Fidelis’ solution, DZP felt safe in the knowledge that Fidelis could scale while also take on the fiercest of attacks. 

DZP took the decision to go with Fidelis following an on-site assessment to understand whether the solution could provide the depth of visibility required, allowing the firm’s IT team to analyse packets and sessions on the network both in real-time and historically.  Indeed, the automation function within Fidelis meant that two full-time analysts could do the work of a much larger skilled team, as alerts were consolidated and allowed the analysts to confidentially and accurately identify and mitigate threats faced by the law firm. 

Through its partnership with Fidelis and continued development of its security infrastructure, DZP is responding to the growing security concerns of companies around the world, while serving its clients in the safest way possible.

To read more about how DZP are using Fidelis, read a copy of the case study here and also in Polish.

 

- Andrew Bushby, UK Director, Fidelis Cybersecurity