What We Do
How We Do
Get Started
Data sheet / solution brief

Securing the Legal Sector


4 minutes read

Law firms have unparalleled access to valuable information across all facets of the public and private sectors. For decades, criminals have demonstrated how to attack law firms with proven methods that lead to massive ransomware outages, public exposure and crippling reputational damage. Typically, they use publicly available court records and settlement documents to create lures that ensnare legal professionals. Financial account information, mergers and acquisitions records, investment strategies, and healthcare records are all well established and profitable material to be circulated by criminals in the dark markets.

Milestone breaches at two prominent Wall Street law firms showcased the potential to steal non-public information for the purposes of insider trading.1 The firms involved represented global banks and Fortune 500 companies in everything from lawsuits to multibillion-dollar merger negotiations. A year later, the well defended firm, DLA Piper, was crippled in the NotPetya ransomware attacks that also shut down major shipping firms and the national healthcare system in the United Kingdom. Since then, law firms have been exploited over unwanted exposure surrounding their high net-wealth clients and celebrities2 and targeted for exploitation by compromising their file-sharing systems.

The motivations behind these cyberattacks include:

Legal firms need cybersecurity expertise to proactively detect, disrupt and remediate cyber threats before they become business impacting. It is important to align with a cybersecurity partner that understands the intricacies of your business operation. At eSentire we are not only the Authority in Managed Detection and Response services, but we have successfully demonstrated the ability to protect law firms from ransomware gangs and state-sponsored actors.

We help legal firms:

  1. Monitor their environments 24/7
  2. Disrupt known and unknown threats
  3. Stop breaches before they impact business operations
  4. Avoid regulatory violations
  5. Mitigate Supply Chain Risk
  6. Meet Bar Requirements

Trusted Partnership and Expertise

eSentire provides Managed Risk, Managed Detection and Response and Digital Forensic and Incident Response services. Our 24/7 Cyber Analysts and Elite Threat Hunters have stopped nation states targeting law firms, identified new threats against the legal vector and discovered new attack methods. Our experts have successfully prevented ransomware gangs from shutting down operations or creating damaging public incidents for our legal customers.

eSentire is proud to protect over 14,000 attorneys in the ALM 100 and ALM 200. We work with firms of varying sizes from small firms with as few as 15 attorneys to the largest firms with over 1,400 attorneys. We are proud partners of the International Legal Technology Association (ILTA) and the Association of Legal Administrators (ALA) and work closely with American Bar Association (ABA), Law Society, contribute to the Harvard Law School programs, and regularly offer CLE accredited courses. Our security experts are often featured in legal industry publications, and we actively share threat intelligence with the Legal Services Information Sharing and Analytics Organization (LS-ISAO).

Logos of eSentire legal industry partners: Legal Technology Association (ILTA), the Association of Legal Administrators (ALA), and the American Bar Association (ABA)

eSentire Managed Detection and Response (MDR) services hunt threats and suspicious activity to investigate in minutes and contain these attacks before they become business disrupting for you and your clients. In numerous cases, the eSentire 24/7 Cyber Analysts have discovered instances of ransomware gangs in law firm environments and prevented them from establishing a hold. Sample support included:

Avoiding regulatory violations

In addition to securing the legal sector, eSentire MDR protects over 6.5 trillion dollars in assets across highly regulated industries including investment, banking, insurance and healthcare providers. Our Security Operations Centers leverage hardened run books that include plays to manage issues and reporting for PII, PCI, HIPAA, GDPR, CCPA and even state-level regulations including the New York Department of Finance Cybersecurity Rules and Regulations (NYCRR 500). We identify and prioritize these critical assets based on regulatory requirements, and can provide forensic reporting in the case of regulatory notification.

Mitigating supply chain risk

Many breaches are often traced back to vendors. We recognize that your clients retained your firm, consider vendors an extension of your business, and therefore vendors are your responsibility to secure. We identify core services, such as document management, time tracking, file share and document signing, and prioritize these services for monitoring. Our MDR services have repeatedly caught and stopped vendor compromises before the vendor reported the vulnerability. Our Managed Risk Services provide complete security assessments, risk assessments and offer recommendations on security strategy to improve security maturity and reduce cyber risks.

Meeting Bar Requirements

Working closely with hundreds of law firms and thousands of lawyers, we understand what it takes to protect your firm and ensure that you meet competence and confidentiality requirements. Our services evolve with your practice needs as we secure changes in technology including supporting cloud adoption and making remote work secure and scalable. In addition to our Managed Detection and Response services, eSentire offers CLE-accredited user awareness training, and risk management assessments to review cloud-services, vendor risk, and virtual law firm best practices.

About Managed Detection and Response (MDR)

At eSentire, our comprehensive approach to MDR helps organizations test, mature, measure and protect their environments from a multitude of risk factors. Our MDR services rapidly identify and contain threats that bypass traditional security controls. Ingesting signals from your on-premises, cloud and hybrid environments, we combine endpoint, network, log, vulnerability and cloud data to identify known and elusive threats. Averaging 15 minutes from threat identification to containment, we ensure attackers don’t have the time to achieve their objectives.

A table showcasing how eSentire’s 24/7 multi-signal MDR answers common cybersecurity challenges for law firms.

eSentire is capable of supporting your firm with end-to-end comprehensive cybersecurity services. Our expertise includes:

Descriptions of services offered by eSentire: Managed Risk Services (MRS), Managed Detection and Response (MDR), and Digital Forensics and Incident Response Services (DFIR).

Why Law Firms Partner with eSentire

A graphic containing a testimonial about eSentire 24/7 multi-signal MDR from a law firm.

Ready to Get Started?

We’re here to help! Submit your information and an eSentire representative will be in touch to help you build a more resilient security operation today.