Case Studies

Customer Success is Our Success

Prometis CyberSecurity helped International Law firm to improve Data Security


BUSINESS organizations are highly dependent on IT infrastructure, network system and sophisticated software applications. Through these components, they are able to carry transactions with uninterrupted flow of data and information across geographical boundaries. Along with the benefits like speed, automation, ease, etc., these components also brought threats and risks to the businesses in the form of attacks like DDOS (Distributed Denial of Service), data theft, malware, etc.

One of the major concerns is the ease and speed with which businesses are being attacked / brought down, without even the attacker paying a visit to the physical facilities of the business. Securing Information and Communication Technology (ICT) draws attention of the top management, regulators and law-enforcement alike. Securing IT in an enterprise evolved with a focus on domains like securing networks, securing hosts, securing data, deploying identity and access controls and with operations across all these domains. Law firms continue to be a highly-coveted target for cybercriminals looking to gain access to business capital, trade secrets and intellectual property.
The biggest cybersecurity risks for law firms Include:

·       Phishing
·       Ransomware
·       Leaks of sensitive data
·       The risks of malpractice allegations due to poor cybersecurity


Cybercrime continues to evolve at an alarming pace. If these threats are not contained and stopped, firms can lose assets, highly-sensitive, confidential information, and incur millions of dollars in damages. Add to that the public relations nightmare of the backlash from clients whose information was compromised. After a breach, customer trust is eroded, leading them to seek legal counsel elsewhere. The entire business suffers The Singapore Personal Data Protection Act 2012 (PDPA) subjects organizations to various obligations pertaining to the collection, use and disclosure of personal data, with non-compliance attracting financial penalties, issuance of remedial directions from the Personal Data Protection Commission, as well as reputational damage arising from the publication of enforcement decisions. The firm’s Data Protection practice group advises organizations on the formulation and implementation of internal compliance policies and programs to meet the requirements under Singapore’s data protection laws.

LIMITATIONS
 
Cyber-crime is a very real threat to the legal industry. One in five law firms reported an attack in 2017. In a survey conducted by ABA Legal Technology, 22% of lawyers reported their firm had incurred a data breach, up from 14% in prior years.
 
APPROACH
 
• Time tested model which is adopted Globally in its Risk Assessment Process
• Use SAS tools wherever feasible in the Risk evaluation process, within the overall Risk Assessment exercise
 
RECOMMENDATIONS
 
Law firms hold large volumes of valuable personal and commercially sensitive information about their firms, employees, case information and clients. This makes the cyber criminals to capture a particularly sensitive batch of data to sell or ransom including :
• Secret and sensitive information about corporate client’s finances
• Documents relating to confidential corporate deals;
• Valuable information relating to patented, original and invaluable intellectual
• Property and trade secrets;
• Key evidence pertaining to bet-the-company litigation; and
• Gigabytes (perhaps even terabytes) of emails involving the most intimate, delicate
o and private details of their client’s personal and professional lives
 
Firms should implement a layered program of technical defenses to mitigate the risk of a cyber incident.

Read more about our services below or contact us so we can make sure together that our security is being handled in a proper way.


Want to Hear more

Success Stories?