28 September 2023
Download the FREE 2023 Cyber Security in Law Report!
ALPMA has partnered with leading cloud & cyber security solutions provider AUCloud and services firm LexVeritas to investigate the Australian legal industry’s cybersecurity readiness. The findings of the survey were presented during the 2023 ALPMA Summit, providing insight about how to make your firm resilient against cyber-attacks and up-to-date with cloud infrastructure.
The inaugural research showed that the legal industry is at risk, concerned and underprepared for cyber-attacks, which it identified as a top operational challenge.
“Cybercrime is unfortunately the biggest threat to Australian business and is one of our fastest growing industries globally and it has no prejudice”
Peter Maloney, CEO, AUCloud
Benchmark your firm
This free industry report lets you benchmark your firm's cyber security preparedness, systems and priorities among the Australian and New Zealand legal industries, giving you insight into the strategies your firm can consider as you fortify against this rising threat.
Over 50% of survey respondents were not confident their firm was as secure as it could be against a cyber-attack and 19% felt their company was not doing enough to protect itself. A lack of resources is impacting their preparedness with 34% of firms surveyed not having a published cyber incident plan and 31% having an incomplete one.
“Cyber security is an ongoing and very real threat to our members and their firms. That’s why our association is partnering with industry experts to provide further education, support, and guidance in how to be more prepared.”
Emma Elliott, CEO, ALPMA
Biggest Operation Challenges
Across Australian and New Zealand law firms there is an increasing awareness of the threat of cyber-attacks and infrastructure instability. Over half of respondents see cyber security as a key challenge their firm currently faces, and over a third view the costs of IT infrastructure as where current operational issues can arise.
IT Infrastructure Costs
Cyber Planning & Incident Response
While over three quarters of respondents report that their firm has a designated team or individual responsible for managing cyber security risks and incidents—either in-house or engaged via a third party—less than a third of the same firms currently offer a trained and tested cyber incident plan for all staff to view.
A majority of respondents work at firms conducting cyber security training, but less than half also perform regular penetration testing to evaluate whether this training is effective.