Broker Howden has released a cyber risk guide for the legal industry, to help it guard against “a novel category of villains”.

The guide says that while cybercriminals may initially have been “mischief-makers or curious minds”, they are now “well-funded, sophisticated enterprises”.

It says crooks are increasingly targeting the legal sector, “recognising it as a lucrative and information-rich domain”.

Large law firms are a “strong magnet” because significant data could be sold on the black market or ransomed, but smaller firms are also at risk because their defences are weaker.

“Compromised sensitive information, exposed commercial secrets or loss of clients’ funds can ruin the law firm’s very foundations of trust and confidentiality, destroy credibility and can result in regulatory penalties, legal proceedings and other substantial costs of dealing with a breach,” Howden says.

The guide provides 20 cyber risk management tips, including preparing an incident response plan, implementing segregation of duties and callback procedures, and mandating password rotation rules.

Download the paper here.