What We Do
How we do it
Resources
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Sep 20, 2022
eSentire Recognized as Top Global MDR Provider by MSSP Alert, CrowdStrike and G2
Waterloo, ON - September 21, 2022 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), celebrated multiple industry recognitions as the leading global MDR provider, over the last week: Named #9, and the top pure play MDR provider on MSSP Alert’s Top 250 MSSPs global rankingRecognized as the CrowdStrike 2022 Global MSSP Partner of the Year Earned G2’s industry-renowned status…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Aug 14, 2019

2019 eSentire Threat Intelligence Spotlight: Legal Industry

3 minutes read
Speak With A Security Expert Now

Five years ago, at a major legal technology conference in New York City, the topic of cybersecurity was overshadowed by a sea of document management and billing system vendors. eDiscovery captured the lion’s share of attention. Arguing that law firms must address cyberthreats was like telling attendees that the world was about to be invaded by marauding aliens from another galaxy. Then, like the movie “Independence Day,” cyberthreats arrived and hovered over law firms, preparing for a global assault.

The attack on Wall Street law firms Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP demonstrated how stolen FDA fillings and press releases could be used to make millions of dollars in illegal stock trades. The Paradise Papers and Panama Papers demonstrated that hackers could monetize or weaponize even innocuous tax law files. Ransomware attacks collected a pirate’s bounty in payments, cost a small fortune in lost billable hours and did untold damage to many firms’ reputations. Today, ransoms are morphing into extortion as hackers demand payment to avoid exposure of damaging information. Even nation state actors target law firms, finding it easy to access their lucrative clients or working in retaliation for political actions, as demonstrated in the case studies below.

The risk to law firms is apparent. In October 2018, the American Bar Association (ABA) issued a Formal Opinion, expanding on Rule 1.4. Formal Opinion 483 references a “duty of competence,” an “obligation to monitor for a data breach” and the necessity to “stop the breach” and “determine what occurred.” The duty to competence explicitly references a 2012 modification to Rule 1.1 that obligates law practitioners to understand the risks of the technology they use.

As the nexus of the global economy, the legal community establishes and interprets legislation, shepherds’ mergers and acquisitions, drives patent and files intellectual property claims. This myriad of highly profitable, confidential information ensures law firms will remain a preferred cybercriminal target. In fact, eSentire data shows law firms are one of the top five industries targeted by cybercriminals. Various reporting agencies find similar results with law firms accounting for almost 10 percent of breaches.

As an industry, law firms have improved their overall cybersecurity practices, which has resulted in a lower than average amount of nuisance cyberattacks as compared to other industries such as healthcare, manufacturing and energy. Legal and IT practitioners no longer smirk with disbelief when they hear about elaborate cyberattacks on their counterparts. Now discussions center on ways to reduce risk, advanced measures of performance and bringing all levels of a firm into training, incident simulations and board-level planning.

eSentire’s security analysts are pitted against smash-and-grab thugs, criminal cartels and nation state actors. Every year, eSentire Security Operations Center (SOC) teams analyze billions of indicators of compromise to identify real threats and contain attacks before they disrupt our clients’ businesses. This mission critical data contains a trove of enlightening trends and patterns that can be used to identify top vulnerabilities, popular attack vectors and tradecraft used by cybercriminals.

In law enforcement parlance, “means, motives and opportunities” should frame the tenants of your cybersecurity program. Knowing your adversaries’ capabilities helps focus priorities. Identifying their opportunities flags your security gaps or vulnerabilities. And, of course, knowing their motives highlights what assets they seek and which ones you must protect.

Today we are releasing our inaugural Threat Intelligence Spotlight on the Legal Industry, a report that provides a wealth of information that law firms can leverage to reduce their cyber risk profile. The report explores the most common malware, top vulnerabilities and phishing lures used to infiltrate law firms. As the expression goes: “A wise person gets more use from his enemies than a fool from his friends.” This report provides a focused exploration of the actions of your adversaries, along with actionable recommendations to improve your ability to protect your clients and reputation.

The full report can be downloaded here: https://www.esentire.com/resource-library/2019-legal-threat-report/

Join 100,000+ Security Leaders

Get notified of the latest news, intel and helpful tools & assets. You can unsubscribe anytime.

By clicking the button below I confirm that I have read and agree to the eSentire privacy policy.

View Most Recent Blogs
eSentire
eSentire

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.