breaking the silence on cyber security: how fireeye keeps your law firm secure
TRANSCRIPT
No one in the legal industry wants to talk about it.
But cyber criminals are out there. And they have law
firms in their sights.
Cyber security experts at Mandiant, a FireEye
company, warned as far back as 2011 that at least
80 of the top 100 law firms in the country (by
revenue) had already been attacked by cyber
criminals. Not surprisingly, 79% of respondents to a
2014 Marsh survey said that cyber privacy security
was one of their top 10 risks when they considered
their overall risk strategies. And more than 40% of
those surveyed would place it even higher—as one of
their top five risks.
An internal March 2015 report by Citibank
obtained by the New York Times concluded that law
firms today were at “high risk for cyberintrusions.”
The reason? They were rich troves of highly
sensitive information: patent applications,
business deals, and the personally identifiable
information (PII) of clients.
The article also said that law firms’ reluctance to
discuss their risks publicly made it difficult to know
exactly what they were doing to protect themselves.
Still, the number of recent high-profile breaches
implies that security at law firms is less effective
than that at retail or financial services industries.
Breaking the Silence on Cyber Security How FireEye keeps your lawfirm—and you—secure.
S O L U T I O N S B R I E F
SECURITY REIMAGINED
Why should you care? Because you’ve trusted your
law firm with your highly sensitive information: your
corporate intellectual property (IP), your merger-
and-acquisition (M&A) plans and the PII of your
employees, among other things.
It’s time to break the silence around cyber security.
It’s important to know how your law firm keeps your
information safe. How it stays vigilant in the face of
ever-more-sophisticated cybercriminals. And what
threat intelligence and technology it deploys to keep
you protected.
You need to know that yours chose FireEye.
SECURITY CERTIFIED BY THE DEPARTMENT OF HOMELAND SECURITYThe FireEye MVX™ Engine and Cloud Platform are the
only cyber security technologies to be deemed so
“useful” and “effective” by the Department of Homeland
Security (DHS) that they are SAFETY Act Certified.
What does this mean? In a nutshell, this is the highest
level of DHS approval. It means if businesses use
FireEye solutions that include those technologies,
they may not be liable for certain types of damages
in the event of a cyber terrorist attack. That’s how
confident the DHS is that FireEye solutions will hold
up in the face of potentially devastating attacks.
1 Mandiant Consulting internal research. 2011.2 Marsh. 2014 Global Law Firm Cyber Survey. https://www.marsh.com/us/insights/more-cyber-preparedness-needed-2014-law-firm-cyber-survey.html.3 Ibid. 4 Matthew Goldstein (New York Times).“Citigroup Report Chides Law Firms for Silence on Hackings.” March 26, 2015.5 Ibid.
Breaking the Silence on Cyber Security: How FireEye keeps your law firm—and you—secure.
SOLUTION BRIEF:
FireEye, Inc. | 1440 McCarthy Blvd. Milpitas, CA 95035 | 408.321.6300 | 877.FIREEYE (347.3393) | [email protected] | www.fireeye.com
© 2015 FireEye, Inc. All rights reserved. FireEye is a trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners. — SB.HP.NX.EN.102015
FIREEYE ON THE FRONT LINEFireEye, one of the world’s foremost cyber
incident responders, is often the first company
called in to respond to sophisticated cyber attacks.
We spend more than 100,000 hours each year
responding to the major breaches in the headlines.
The intelligence we gain from being on the front
line of incident response feeds directly back into
our technology to ensure you are protected from
the most complex and unexpected attacks.
WHAT FIREEYE DOES FOR LAW FIRMS—AND THEREFORE FOR YOUHere’s how our FireEye solutions help your law
firm protect your important information.
We catch the most advanced threats
Traditional network and endpoint security
products—such as endpoint antivirus (AV)
solutions and intrusion prevention systems
(IPS)—are designed to detect known threats
through pattern-matching signatures.
Unfortunately, advanced attackers often
customize malware to evade signature-based
detection. Custom malware sails past most
signature-based defenses—through web, email,
and other avenues of attack—as if they weren’t
even there. FireEye detects and prevents
otherwise unrecognized and unknown zero-day
exploits and advanced multi-stage and multi-
vector attacks.
We respond swiftly to incidents
No matter how much money a law firm spends on
security, the potential for compromise by a
determined attacker always exists. There are no
guarantees with IT security. Rapid detection and
response is essential. Swiftly investigating attacks
when an incident does occur can mean the
difference between stopping cyber attackers from
achieving their objectives and making headlines as
the latest victim of a foreign threat. FireEye
provides the tools your law firm needs to validate
threats and determine their impact.
We proactively search for compromised devices
When a “patient zero,” connects to a law firm’s
network and infects hundreds of other machines,
the law firm must often suspend network services
and connectivity to deal with the problem. This
downtime can devastate your law firm’s ability to
serve you. FireEye gives your law firm the ability
to proactively look for signs of compromise on all
IT devices, whether they are PCs connected to on
the corporate network, or tablets or laptops
signed in via a public hotspot. This allows your law
firm to identify problems early and isolate infected
devices prevent the spread of malware—without
disrupting network operations. FireEye can also
analyze and triage remote and off-premise devices
for mobile employees.
FIREEYE HELPS LAW FIRMS PRIORITIZE THE SAFETY OF YOUR INFORMATIONReading the stories of current cyber attacks can
be scary. But rest assured that when FireEye
provides expertise, intelligence and technology to
law firms, we put them on the cutting edge of
cyber security protection. Keeping your sensitive
information safe is our top priority. Which means
it’s the top priority of your law firm, too.
For more information about FireEye services
and technology for law firms, contact