Is it time to reconsider traditional approaches to cyber security? For a long time now, people have largely been viewed as a cyber security “weakness”, and the viewpoint has shaped the majority of the cyber security strategies we see today. The strategies focus on restrictive measures. They focus single-mindedly on minimising the risks that people pose. Crucially, they do not consider how people can actively prevent cyber attacks, and therefore fail to capitalise on a valuable cyber defence. People-centric security flips the conventional thinking on its head.
Today, creating and distributing viruses has become a highly lucrative, full-time and highly illegal occupation within the industry now referred to as cybercrime. It’s an industry that cost UK businesses a total of £29 billion in 2016 and one that targeted 73% of the top 100 law firms in 2016. And yet, over the past 50 years, surprisingly little has changed.
The threat to the legal sector. In the aftermath of headline-grabbing cyber attacks, managing partners in law firms around the world have been posing the same question to their firm’s IT leaders: “Could this happen to us?”