eSentire Report: 46 Percent of Legal Organizations to Experience a Cybersecurity Incident in the Next Year

WATERLOO and SEATTLE – August 14, 2019 – eSentire, Inc., the global leader in Managed Detection and Response (MDR), in collaboration with the International Legal Technology Association (ILTA), today announced the release of the inaugural Threat Intelligence Spotlight on the Legal Industry.

The need to protect sensitive business and personal data made the legal industry one of the earliest adopters of Managed Detection and Response technologies, and eSentire’s Legal Industry Threat Intelligence Spotlight draws upon the anonymized network traffic from the dozens of law firms within eSentire’s 650-plus customer base.

Mark Sangster, VP and Industry Security Strategist, eSentire said:“One key finding from the report reveals that 46% of legal organizations will experience a cybersecurity incident within the next 12 months. This high incident rate occurs even as law firms continue to improve their overall cybersecurity hygiene and are considered one of the more mature industries in protecting client assets from cyber criminals. This improved posture has resulted in firms having a lower incident rate for nuisance cyberattacks when compared to other industries, such as healthcare, manufacturing and energy.”

This trend comes at a time when ILTA research shows that firms are beginning to embrace emerging technologies, yet funding for security and general employee training is starting to wane. This combination is especially dangerous as cybercriminals are increasingly using exploitations focused on internal systems and cloud services. A fundamental lack of employee training leaves firms vulnerable to exploits and breaches caused by unintentional user errors, misconfiguration of security and privacy controls, and exploitation through phishing campaigns and fake invoices.

Joy Rush, CEO, ILTA said:“The more legal professionals know about the cyberthreats targeting the legal industry, the better decisions they are able to make about their cybersecurity priorities. By publishing anonymized, cybersecurity incident data from legal organizations, reports like the Threat Intelligence Spotlight on the Legal Industry have helped to create invaluable resources for any legal professional concerned about cybersecurity."

Additional findings from the Threat Intelligence Spotlight on the Legal Industryinclude:

• Almost 20% of IT assets in law firms are susceptible to being exploited by a high or critical severity vulnerability
• Top internal threats come from email or drive-by downloads, with unique lures that mimic Adobe Cloud services and American Express credit products that cater to high net-worth individuals and frequent travelers
• MalDocs remain dangerous by leveraging Microsoft macros to deliver malware that collects credentials, logs keyboard inputs and captures screenshots

To speak with one of our experts about the report, visit eSentire’s booth #811 at ILTACON from August 18 to22 in Orlando, Florida.

The full report can be downloaded here: https://www.esentire.com/resource-library/2019-legal-threat-report/

About eSentire:

eSentire, Inc., the global leader in Managed Detection and Response (MDR), keeps organizations safe from constantly evolving cyber attacks that technology alone cannot prevent. Its 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $6 trillion AUM in the financial sector alone, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.esentire.com and follow @eSentire.