Cyber Incident? Get Help

INDUSTRY GUIDE

See how a new approach to cyber risk can help legal organisations prioritise cybersecurity and data privacy to help avoid costly breaches.

Thumbnail: Page > Industry - Legal > Hero

Why cyber insurance is critical for legal organisations

Maintaining trust and security is a major concern for most professional service organisations and is especially true for those in the legal industry. Many legal firms prioritise data privacy and cybersecurity to help avoid costly breaches and incidents that could damage their reputation or way of doing business. 

Legal organisations operate based on competency, trust, and confidentiality. As part of the duty of competent representation, lawyers are ethically bound to become and remain technologically competent, which includes keeping up with changes in technology or data protection laws that may affect their practices. Legal organisations are also bound to protect client privilege and confidentiality. A breach or security incident that is handled improperly can have major implications that go beyond direct expenses and cross into cyber liability and in some cases professional liability territory, underscoring the importance of strong security controls and cyber insurance.

How bad could one small security incident be?

Icon: Light Duotone > Money Circle

£113,000¹

Average cost of a cyber claim for legal organisations

Icon: Light Duotone > Email Circle

53%²

Percentage of cyber attacks originating from email inbox

Icon: Light Duotone > Skull Circle

£138,400¹

Average ransomware loss for legal businesses

Unique exposures for legal companies

How essential technologies can create cyber risk

Client portals

These platforms enable lawyers to securely share documents, messages, and invoices with clients. Unauthorised access of a client portal could compromise sensitive information and lead to additional cyber events.

Customer relationship management (CRM) systems

CRM systems are used to support business development activities. Containing client data and confidential corporate information, CRM systems could be compromised and leveraged for malicious purposes, resulting in a data breach.

Document management systems

These software platforms are used to store and handle a large volume of shared files. However, a compromise could expose sensitive data and cause serious disruptions due to the volume and potentially sensitive nature of the information in these systems.

eDiscovery tools

These tools can save time and effort when reviewing large volumes of information, but the potentially sensitive nature of the data means unauthorised access could have data privacy and business interruption implications.

Email

Business email compromise (BEC) is a frequent cause of cyber insurance claims for legal organisations, which can trigger data breaches, funds transfer fraud, business interruption and even reputational damage.

Law practice management software

These systems are used to manage operations, such as scheduling, billing, and payments. A breach could cause serious disruption and expose payment information, corporate confidential data, and client data.

How sensitive data can increase business liability

Corporate confidential data

Corporate law firms may have access to internal operations data, intellectual property, or trade secrets. Mishandling or leaking corporate confidential data can cause significant damage to the data owner.

Financial data

Collecting and processing financial information requires adherence to industry standards. Mishandling or unauthorised disclosure of financial data can cause direct harm to clients and even trigger industry and regulatory investigations.

Personally identifiable information (PII)

PII is any data that can potentially identify a specific person. PII can be used to launch cyber attacks or gain access to networks to initiate attacks. Organisations that mishandle PII or fail to respond to a data breach appropriately can be subject to fines, penalties, and other financial damages.

Sensitive employee information

PII is any data that can potentially identify a specific person. PII can be used to launch cyber attacks or gain access to networks to initiate attacks. Organisations that mishandle PII or fail to respond to a data breach appropriately can be subject to fines, penalties, and other financial damages.

For more insights, download our complete guide:

Business impacts for legal companies

What to expect after a cyber incident

Direct costs to respond

Responding to a cyber event typically requires numerous direct costs, also known as first-party expenses. If a legal organisation experiences a BEC and sensitive data is involved, it can trigger a need for additional legal counsel, forensic investigation, victim remediation, and notification. Simple investigations can cost tens of thousands of pounds, while more complex matters can increase costs exponentially.

Liability to others

The evolving data privacy landscape can be difficult to navigate, and many law firms can face new and unexpected exposures after a cyber event. Even with strong contracts, policies, and best practices in place, a data breach or security failure can trigger liability to third parties and expose an organisation to regulatory investigations and legal action from victims.

Business interruption and reputation damage

A cyber event that impacts essential technology can have a significant impact on a legal organisation's ability to operate and can be highly visible to clients, customers, and other stakeholders. Every hour of disruption can lead to direct loss of revenue and inhibit a law firm’s ability to support clients, negatively impacting client retention and acquisition.

Cybercrime

Beyond ransomware and data breaches, cyber events can result in financial theft for a law firm or its clients — often without an actual breach. If an attacker dupes someone in the billing department to alter payment instructions, a legal organisation can lose tens or hundreds of thousands of pounds almost instantly. Attackers can also gain access to email accounts and send fraudulent invoices or payment instructions to clients, customers, and other third parties.

Recovery and restoration

After a cyber event, resuming operation is no easy task. If an attacker damages or destroys essential technology, data, or physical equipment, a legal organisation may need to bring in external support or purchase new equipment to re-secure systems. Full remediation, restoration, and recovery can take a significant amount of time, when possible, and may require purchasing new software, systems, and consultants to rebuild the network.

Gray BG

CYBER INSURANCE BUYER’S GUIDE

Choosing the right
cyber coverage for your business

Cyber insurance is an essential aspect of modern risk management, offering coverage for the losses associated with data breaches, cyber extortion, business interruption, and other cyber-related incidents. 

Coalition created a Cyber Insurance Buyer's Guide to help businesses navigate the complex cyber insurance market and confidently select the right coverage for their business.

Cyber Insurance Buyer's Guide

Get an Active Insurance quote

Ask your cyber insurance broker about Coalition Active Cyber Insurance.

Already a policyholder?

Log in or activate your Coalition Control account, Coalition's policyholder risk management platform1, to manage your business’s risk profile.

1 Dollar figures adjusted to British Pounds

2 Coalition Inc 2023 Cyber Claims Report