The world of pessimistic security
Pessimistic security, embedded artificial intelligence and GDPR will reign supreme in the legal sector in 2018.
Roy Russell, CEO of Ascertus, highlights the top three technology trends for law firms this year with security, data and AI top of the list. Firstly, the shift from optimistic to pessimistic security will gain momentum – It is widely acknowledged that, be it intentionally or inadvertently, people are weakest link for organisations when it comes to security. With law firms being an especially attractive target for cyber criminals, and vulnerable as their security measures are often found to be inadequate; clients will demand tangible, demonstrable and even evidencable action from legal services providers on how their data is protected.
Fresh on the heels of numerous recent embarrassing and potentially business crippling data breaches, law firms will make a concerted shift from optimistic to pessimistic security. In addition to traditional preventative security measures such as securing infrastructure, email security management, and intrusion detection; in 2018 firms will have no choice, but to segregate content, establish ethical walls and institute governance policies that allow access to information on a ‘need to know’ basis. This will ensure that only authorised individuals have access to sensitive data – and in the event of credentials being compromised, the impact of the breach will be significantly limited to the account in question.
AI becomes mainstream
Secondly, ‘Me too’ artificial intelligence (AI) products will become prevalent and software vendors will rush to embed AI within their applications – Over the last year or so, many large law firms have dabbled with AI technology, with some building their own systems and others deploying separate tools for areas such as contract analysis, information retrieval, analysing court rulings and more. These firms are now finding that it takes much more time and effort than they had originally anticipated to create these bespoke, from the ground up, AI solutions.
In 2018, AI will become more widespread as vendors of a whole raft of different software solutions, including document and email management, case / matter management and legal spend management will “AI enable” their offerings, making the technology’s adoption simple and par for the course. End users will not necessarily understand or need to know that AI is now ‘under the bonnet’, but they will come to expect that their applications to be more automated, make proactive suggestions, provide practical guidance, and automatically complete routine processes for them.
Thirdly, with the GDPR countdown truly in motion, law firms will adopt more advanced approaches to data security – The Panama Papers and other recent high profile cases have clearly highlighted the reputational damage a security breach can cause. Come 25 May 2018, when the new GDPR comes into force, the business impact of a data breach of the like of Appleby will be debilitating for a law firm. Going beyond standard security measures such as analysing application logs, network traffic, endpoint device activity and files downloaded by systems users; firms will adopt more advanced approaches to data security such as behavioural modelling, machine learning and forensics.
Leveraging historical and contextual information, such technologies will enable firms to evaluate individual behaviour and automatically alert the organisation based on deviations from normal activities. This kind of evidencable activity will play a crucial role in enabling firms to demonstrate genuine intention to comply with the GDPR in the unfortunate event of a data breach.