A recent survey for the 2024 State of Cyber Security in Law Report revealed that a staggering 81% of Australian law firms have been targeted by phishing attacks, marking a 14% year-on-year increase. The survey, conducted by AUCyber, a leading cybersecurity and sovereign cloud provider, also noted a 7% increase in overall cyberattack attempts, now affecting 21% of firms.
Growing Cybersecurity Concerns in Law Firms
Among the 140 legal firms surveyed, 56% identified cybersecurity as the most significant concern impacting their business operations. According to the report, other cyber threats are also on the rise:
- Spoofing attacks: Increased from 23% to 35%.
- Malware attacks: Rose from 17% to 27%.
- Identity-based attacks: Climbed from 25% to 35%.
Despite these growing threats, 18% of respondents felt their cybersecurity measures were inadequate, and 26% were unsure of their current protections.
Expert Recommendations for Law Firms
Peter Maloney, CEO of AUCyber, expressed concern over the preparedness of some law firms, stating, “The fact that 18% of respondents believe their firm is not doing enough to protect against a cyberattack is alarming.” He urged law firms to invest in:
- 24/7 detection monitoring
- Phishing simulations
- Patching and maintenance of software and hardware
- A documented and tested incident response plan
- Staff training on cyberattacks
Cybersecurity Is Not “Set-and-Forget”
Emma Elliott, CEO of the Australasian Legal Practice Management Association (ALPMA), emphasized that cybersecurity is “not a set-and-forget item.” She stressed the importance of ongoing management, review, and testing of security measures to protect sensitive client data and maintain operational integrity.
The 2024 State of Cyber Security in Law Report was commissioned by AUCyber, in collaboration with LexVeritas and ALPMA.
