Confident lawyer breaking fourth wall

Law Firms and Information Governance

Law Firms and Information Governance

4 Minute Read

Law firms are doubling down on perimeter cyber security. But what happens if a hacker breaches the first line of defence?

The Wall Street Journal published Cyberattack Exposes Law Firms’ Weak Spots in December 2016, revealing the legal industry’s continued digital vulnerabilities. The siren song rang ominously across the continent – prompting many firms to report significant security upgrades in hopes of rebuilding stakeholder confidence and assuring clients and regulators they’re taking the necessary steps to prevent future attacks.

But they may be missing the point.

While improving perimeter security is certainly a critical step, its far from the only one. Hackers can and will eventually find ways around that initial line of defence. And if they do – using phishing schemes or other methods – they can gain easy access to emails, documents and other sensitive information inside the firm.

From Macro to Micro

Attacks are becoming more frequent and sophisticated, and it’s no longer practical to rely on strong castle walls alone to protect the crown jewels. Looking beyond broad-based controls, a strong information governance strategy considers how organizations can reduce the harm of a worst-case scenario by taking a more granular approach to protecting information.

Restricting information access to only those who need to materials for their business purposes is one possible measure. Encrypting and protecting work products with multiple authentication mechanisms is another. The following additional steps can help fend off most attacks and prevent (or at least mitigate) damage from a potential breach:

  • Educate and train users on information governance requirements and processes
  • Use strict security models, including encryption
  • Store work products in governed locations and under enforced data retention policies
  • Use information governance analytics to understand who is accessing information and how


Tomorrow’s technology is shaping business today. To learn more about how MNP can help you leverage information governance to reinforce your cyber security strategy, contact John Desborough, Director Consulting and Technology Solutions at [email protected].


  • Confidence

    June 07, 2023

    Discovering IP theft is a collaborative effort

    In an article for Canadian Lawyer, MNP’s Ryan Duquette discusses how digital forensics experts and their clients must work together to identify IP theft.

  • Agility

    Influencing an industry: Women leading by example in GTA real estate

    Speaking with women within two successful real estate development companies in the GTA about what sets them apart. Bringing empathy, compassion, and philanthropy to the space has paved the way for Spotlight Developments and Greenwin to give back to the communities they serve, change the industry, and inspire women in the workforce.

  • Progress

    June 06, 2023

    Everything you need to know about the rising debt among young medical students

    With young medical school graduates struggling to pay of significant debt, both private and government, accrued during their studies, insolvency may be the best option to help them get their careers started off on the right foot.