Video conferencing has changed the game for the legal field – enabling law firms to expand their reach and expedite their meetings. This trend has also opened the door for a rapid escalation of data breaches, as cyber threat actors target sensitive and often valuable client and firm data.
For many firms, 2023 was a major wake-up call, as three of the largest law firms were the victims of cyber-attacks. The attackers exploited a software vulnerability, acquired confidential information, and demanded a ransom in exchange.
In an American Bar Association’s survey from 2022, 27% of law firms confirmed that they had experienced a cyber breach –a likely conservative estimate that has only gone up over the past year.
“I believe that 2023 was really a turning point for law firms, and for their clients as well, in terms of understanding the risks and having expectations for how information is protected,” says Geeth Kulendran, Pexip’s Enterprise Sales Director for EMEA. “In the US, for example, we even saw clients file class action lawsuits against law firms that failed to protect their sensitive data. This is serious, and the expectations regarding protecting client data are only rising.”
Stay compliant with cyber security regulation
With video now serving as a mainstay for legal meetings and proceedings, this medium serves as a gold mine of information for cyber criminals. This has prompted many nations, particularly across Europe, to clamp down on regulation, resulting stricter compliance expectations for corporations across the continent – such as NIS2, the more broadly sweeping cyber security directive from the EU. Data sovereignty regulation, including GDPR, is increasingly pervasive for companies both in Europe and doing business with Europe, which requires organizations to take a closer look at where their data is stored and where it is traveling.
“It’s great to see that the EU and other regions are responding to the changing threat landscape we see today. This means that organizations of all types are expected to step up their risk management measures and take a more proactive approach to cyber threats – including an evaluation of the software and tools they use to do their work,” adds Geeth.
What’s at stake?
For law firms in particular, information is a critical asset that requires protection. Cyber criminals will often target the legal industry to gain access to personal information, such as names, bank accounts and personal identification numbers. Unauthorized recordings are also a key threat, as video meetings can be a source of confidential information that if exposed can cause reputational or financial damage or loss.
The information surrounding a video conference can also be targeted. This is what’s termed the “call detail record” or CDR, and it may contain data such as usernames, room names and other information that may be considered valuable.
What to consider when selecting a secure meeting solution for your law firm
Video meetings have boosted productivity and ease of interaction in the legal world, but law firms must be discerning in their choice of software to combat the increasing vulnerability that this tool represents. Here’s what you should consider when selecting your video conferencing solution:
- What are the deployment options for the video conferencing solution?
Look for flexible deployment options that give you full control over your data. Consider self-hosting the solution on-premises or in a private or sovereign cloud service. Pexip offers the Pexip Private Cloud option as well, a tailored private cloud for large customers with strict compliance requirements. - Is the solution compliant with local regulation and internal security requirements?
Seek a video conferencing solution that takes security-first approach, using industry-grade encryption and security protocols to maintain data privacy and protection. Ensure that the solution is compliant with key standards (SOC2, SSAE16 and ISO 27001). - Does the solution offer user-facing features as an additional security layer?
Ensure that your video conferencing solution offers key features to protect your meetings, such as meeting authentication steps and PIN-protected meetings, one-time meeting links, or even custom-branded meeting screens so that clients can rest assured that they are in the right place.
- Does the solution prioritize ease and efficiency of meetings?
While security is top priority, it doesn’t necessarily have to come at the sacrifice of the user experience. Make sure that the video meeting software you select is designed for efficient and seamless meeting experiences that are on par with its security offerings.
“What’s key going forward is that law firms take a more proactive approach to cyber security, and that includes a careful evaluation of how their video conferencing tool may or may not represent a vulnerability for them,” says Geeth.
“In order for the benefits of video conferencing to continue to outweigh the risks, firms need to look beyond generic video conferencing platforms and land on a security-first solution that enables them to mitigate cyber risks and stay compliant, even as the threat and regulatory landscapes evolve.”
Pexip can help.
➡️ Learn more about how Pexip Secure helps law firms around the world build secure, compliant and trustworthy video solutions.
- Meet & collaborate securely
- Secure Meetings