No one in the legal industry wants to talk about it.

But cyber criminals are out there. And they have law

firms in their sights.

Cyber security experts at Mandiant, a FireEye

company, warned as far back as 2011 that at least

80 of the top 100 law firms in the country (by

revenue) had already been attacked by cyber

criminals. Not surprisingly, 79% of respondents to a

2014 Marsh survey said that cyber privacy security

was one of their top 10 risks when they considered

their overall risk strategies. And more than 40% of

those surveyed would place it even higher—as one of

their top five risks.

An internal March 2015 report by Citibank

obtained by the New York Times concluded that law

firms today were at “high risk for cyberintrusions.”

The reason? They were rich troves of highly

sensitive information: patent applications,

business deals, and the personally identifiable

information (PII) of clients.

The article also said that law firms’ reluctance to

discuss their risks publicly made it difficult to know

exactly what they were doing to protect themselves.

Still, the number of recent high-profile breaches

implies that security at law firms is less effective

than that at retail or financial services industries.

Breaking the Silence on Cyber Security How FireEye keeps your lawfirm—and you—secure.

S O L U T I O N S B R I E F

SECURITY REIMAGINED

Why should you care? Because you’ve trusted your

law firm with your highly sensitive information: your

corporate intellectual property (IP), your merger-

and-acquisition (M&A) plans and the PII of your

employees, among other things.

It’s time to break the silence around cyber security.

It’s important to know how your law firm keeps your

information safe. How it stays vigilant in the face of

ever-more-sophisticated cybercriminals. And what

threat intelligence and technology it deploys to keep

you protected.

You need to know that yours chose FireEye.

SECURITY CERTIFIED BY THE DEPARTMENT OF HOMELAND SECURITYThe FireEye MVX™ Engine and Cloud Platform are the

only cyber security technologies to be deemed so

“useful” and “effective” by the Department of Homeland

Security (DHS) that they are SAFETY Act Certified.

What does this mean? In a nutshell, this is the highest

level of DHS approval. It means if businesses use

FireEye solutions that include those technologies,

they may not be liable for certain types of damages

in the event of a cyber terrorist attack. That’s how

confident the DHS is that FireEye solutions will hold

up in the face of potentially devastating attacks.

1 Mandiant Consulting internal research. 2011.2 Marsh. 2014 Global Law Firm Cyber Survey. https://www.marsh.com/us/insights/more-cyber-preparedness-needed-2014-law-firm-cyber-survey.html.3 Ibid. 4 Matthew Goldstein (New York Times).“Citigroup Report Chides Law Firms for Silence on Hackings.” March 26, 2015.5 Ibid.

Breaking the Silence on Cyber Security: How FireEye keeps your law firm—and you—secure.

SOLUTION BRIEF:

FireEye, Inc. | 1440 McCarthy Blvd. Milpitas, CA 95035 | 408.321.6300 | 877.FIREEYE (347.3393) | info@fireeye.com | www.fireeye.com

© 2015 FireEye, Inc. All rights reserved. FireEye is a trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners. — SB.HP.NX.EN.102015

FIREEYE ON THE FRONT LINEFireEye, one of the world’s foremost cyber

incident responders, is often the first company

called in to respond to sophisticated cyber attacks.

We spend more than 100,000 hours each year

responding to the major breaches in the headlines.

The intelligence we gain from being on the front

line of incident response feeds directly back into

our technology to ensure you are protected from

the most complex and unexpected attacks.

WHAT FIREEYE DOES FOR LAW FIRMS—AND THEREFORE FOR YOUHere’s how our FireEye solutions help your law

firm protect your important information.

We catch the most advanced threats

Traditional network and endpoint security

products—such as endpoint antivirus (AV)

solutions and intrusion prevention systems

(IPS)—are designed to detect known threats

through pattern-matching signatures.

Unfortunately, advanced attackers often

customize malware to evade signature-based

detection. Custom malware sails past most

signature-based defenses—through web, email,

and other avenues of attack—as if they weren’t

even there. FireEye detects and prevents

otherwise unrecognized and unknown zero-day

exploits and advanced multi-stage and multi-

vector attacks.

We respond swiftly to incidents

No matter how much money a law firm spends on

security, the potential for compromise by a

determined attacker always exists. There are no

guarantees with IT security. Rapid detection and

response is essential. Swiftly investigating attacks

when an incident does occur can mean the

difference between stopping cyber attackers from

achieving their objectives and making headlines as

the latest victim of a foreign threat. FireEye

provides the tools your law firm needs to validate

threats and determine their impact.

We proactively search for compromised devices

When a “patient zero,” connects to a law firm’s

network and infects hundreds of other machines,

the law firm must often suspend network services

and connectivity to deal with the problem. This

downtime can devastate your law firm’s ability to

serve you. FireEye gives your law firm the ability

to proactively look for signs of compromise on all

IT devices, whether they are PCs connected to on

the corporate network, or tablets or laptops

signed in via a public hotspot. This allows your law

firm to identify problems early and isolate infected

devices prevent the spread of malware—without

disrupting network operations. FireEye can also

analyze and triage remote and off-premise devices

for mobile employees.

FIREEYE HELPS LAW FIRMS PRIORITIZE THE SAFETY OF YOUR INFORMATIONReading the stories of current cyber attacks can

be scary. But rest assured that when FireEye

provides expertise, intelligence and technology to

law firms, we put them on the cutting edge of

cyber security protection. Keeping your sensitive

information safe is our top priority. Which means

it’s the top priority of your law firm, too.

For more information about FireEye services

and technology for law firms, contact

info@fireeye.com.