As cyber attacks increase, law firms must rethink their protection technology

Cyber attacks on UK law firms increased by a fifth between 2014 and 2016 with nearly three quarters (73 per cent) of the country’s top 100 targeted in 2015, according to PwC’s 25th Annual Law Firms’ Survey.

“Law firms are under concerted attack as never before,” says Ian Raine, director of product management at iManage, the leading provider of work product management solutions for law firms, corporate legal departments and other professional services.

“Their systems are frequently subject to phishing attacks by criminals who want to gain useful information about a forthcoming merger or acquisition they’re working on. The names and e-mail addresses of key lawyers in these practice groups are posted on the dark web along with requests for their security details in exchange for money.”

Now a growing number of chief information officers (CIOs) at law firms around the UK are rethinking the way in which they organise their online security.

Segmentation is essential. “Law firms often don’t secure information within the firm,” says Mr Raine. “They haven’t historically segmented the data so if an employee does a search for information, that employee can access content across the firm. The same is true if, for instance, you’re a summer intern or temporary employee. Naturally firms want to ensure that all their employees can gain maximum benefit from the information they hold, but this policy puts all their clients’ sensitive information at risk from a criminal operating inside the traditional security perimeter.”


Against this background, two products launched in January by iManage offer law firms’ CIOs complete confidence that their critical work product is protected against security threats. To ensure that its products meet the needs of law firms, iManage is constantly updating its offering with the help of a forum of CIOs from leading firms in London and New York.

Mr Raine urges law firms to segment data and to make it accessible only on a need-to-know basis. To help CIOs provide this extra level of security, iManage Security Policy Manager enables professional services firms to easily manage their global security policies at scale, including need-to-know access to sensitive content, ethical walls and internal segregation of other material. This can minimise the impact of a security breach without getting in the way of firms’ workflows.

Alongside this, iManage Threat Manager uses behavioural analytics leveraged from historical and contextual information gained from the widely used iManage Work system to identify when a breach has taken place.

iManage Threat Manager results in more accurate and faster identification of both external and internal threats. It will dramatically reduce the number of “false positives” that plague many other approaches by applying adaptive behavioural modelling and machine-learning. It is easily integrated with the broader information security stack including security information and event management (SIEM) tools, and can easily push alerts and supporting information into a SIEM solution to create an integrated attack timeline.

Both Security Policy Manager and Threat Manager will become generally available in the first half of this year for on-premises deployment or via the iManage Cloud.

“These two new products go hand in hand to protect law firms,” says Mr Raine. “One segments access to the minimum set while the other checks and monitors all staff to ensure that their behaviours are not unusual. Between them they offer greater opportunities for CIOs to protect their colleagues from cyber attack and their firms from the reputational damage resulting from a breach.”

For more information please visit