What seems like a long time ago now, in 2011 PricewaterhouseCoopers (PwC) warned that “there is no question that law firms are among the companies being targeted by cyber criminals.” Despite this, many law firms believed (or just did not feel the risk significant enough) that they were unlikely to be the target of a cyber attack. In the same 2011 report, PwC reported that “a number of law firms believe they were too small or obscure to warrant the interest of professional hackers,” and Legal Week have also reported that law firms are far less likely (to the order of 35%) to have a response plan in place for cyber-attacks than non-legal professionals (a slightly better 52%).

The issue of cyber-security at law firms has been brought to the fore in recent weeks due to two significant data breach incidents which have targeted the legal sector.