The Legal Services Information Sharing and Analysis Organization (LS-ISAO) has established a new member-led group called the Cyber Incident Response Committee (CIRC) to create playbooks, determine best practices and, if needed, shepherd impacted law firms through mitigation and recovery after a cybersecurity intrusion.
According to IBM, the average cost of a data breach has risen to $4.24 million in 2021, with the average cost of a ransomware breach at $4.62 million and business email compromise at $5.01 million. LS-ISAO, a non-profit, assists firms by providing intelligence, analysis, infrastructure, and resources that law firms leverage to defend their practice. Within this hub of information exchange for the legal services industry, members share indicators of compromise and signatures from malware, trojans and business email compromise attacks, among other threats.
As an advisory group for member firms experiencing cyber incidents, the newly formed CIRC develops and shares incident response guidance based on its committee members’ experience and security knowledge. Engaging impacted members and working with the LS-ISAO community as a whole, it will seek to improve preparedness and minimize the impact from malicious threat actors.
The CIRC is currently developing an incident response playbook to address both executive-level and technical staff responsibilities during a crisis. A CIRC-developed repository of documents and practices will also be available to LS-ISAO community members in the community document library.
“Providing guidance and support to fellow members is an ongoing activity in the community,” said Bill Nelson, Chair and CEO of LS-ISAO parent company Global Resilience Federation. “Leading members decided that a more formal approach to incident response planning, with extensive documentation, could assist fellow members and fill the gap between our prevention activities and what we’re sharing for post incident recovery; the CIRC’s activities are geared to crisis management.”
With nearly 150 law firms from around the world, including most of the Am Law 200, LS-ISAO members work together to share warnings and support each other with best practices and advice. Firm security teams are backed by LS-ISAO staff analysts who enrich intelligence and provide added information streams from security vendors, government and other sources.
According to the NIST Cybersecurity Framework, “One of the best techniques to address [the sophistication of Advanced Persistent Threats] is for organizations to share threat information.” And threats against the legal services industry are increasingly global in nature. The industry must work together to ensure mutual security for reasons of reputation, revenue, and responsibility to clients.
Firms that are able to invest heavily in cybersecurity are at a relative advantage in the industry, but LS-ISAO allows even the most secure firms to expand their security footprint and threat awareness by “crowd sourcing” intelligence within a vetted and secure community of other professionals committed to a common cause. The community also helps develop the cybersecurity capabilities of small and medium-sized firms with limited IT and security resources.