Legal firms face a number of ever-increasing risks as the variety and unpredictability of cyber terrorism intent on taking down a company’s systems increase, and the reasons for this are not always financially motivated, making them harder to predict. Preparation is critical to ensuring businesses can continue to operate in the event of an outage or period of downtime. After the cyberattack on DLA Piper and disruptions caused by four major hurricanes last year, clients are casting a more cautious eye over the potential fallout from business outages and ensuing disruption.
In a recent survey commissioned by The Instant Group, more than 50 law firms in the U.S. and U.K. set out how well equipped they thought they were for significant business outages. The disruption and loss of business that occurred last year resulted mainly because business continuity plans (BCP) unraveled during a time of stress, and coordination of teams across multiple locations failed.
The biggest perceived threat is from data breaches and cyberattacks, with more than 71 percent of respondents placing this as their greatest risk. The majority of outages affect businesses for more than seven days and technology disruption is a major concern. Being unable to access data and client information can be inconvenient at best, and in some cases catastrophic. The inability to service clients can also have an impact on an organization’s reputation.
How prepared do law firms think they are?
Ninety percent of firms who responded have a BCP in place, and 77 percent have a separate BCP specifically for IT. The confidence in their BCPs was reassuring but responses to some of the other questions belied other potential issues, including a lack of alternative location strategies and failure to meet relevant regulations.
More than half of firms surveyed kept data and document storage on servers on-site – an approach that presents a serious vulnerability in the event of a disruption, as servers can be compromised in an attack.
Seventy percent of firms surveyed include remote working as part of their BCP. The Instant Group and Sandpiper Partners, consulting firms in the legal sector, believe this represents significant risk—remote working solutions (which includes working from home, coffee shops, etc.) focus heavily on mobile communications and cloud solutions, which in turn leaves firms exposed to network outages and unsecured networks, and inhibit staff from congregating to make key decisions at a critical time.
The research found that firms leveraging the flexible office market are able to expand and contract their space accordingly and, as a result, suffer far less during downtime. In doing so, they are mitigating the loss of productivity compared to firms that do not have flexible workspace plans in place and purely rely on remote working.
Michelle Bodick is managing director of sales and marketing (Americas) for The Instant Group. She most recently was head of global marketing for Williams Lea and Tag Worldwide (which was acquired by Williams Lea in 2012). Prior to Williams Lea, Bodick spent more than 10 years with Gartner Inc, a leading technology, research and consulting provider.