Alexi CEO Mark Doble says that legacy systems and open internet architecture are no match for today's AI-fueled threats
In a matter of days, two significant developments in the United States have highlighted the serious cybersecurity risks facing law firms.
First, personal information belonging to over 360,000 individuals was leaked in a data breach involving an arm of analytics giant LexisNexis. The breach occurred over Christmas, but the company says it was only informed of the incident on April 1.
Shortly afterward, the FBI warned about an ongoing campaign by a cybercriminal group known as the Silent Ransom Group. The group has targeted US law firms over the past two years, using callback phishing and other social engineering tactics to infiltrate legal organizations.
One particularly concerning technique involves “vishing” – short for voice phishing – a type of cybercrime in which attackers use deceptive phone calls to trick individuals into revealing sensitive information such as login credentials, personal data, or financial details.
According to Mark Doble, CEO of Alexi, these incidents are a warning that Canadian law firms and legal tech giants must heed.
Both highlight the need for a different approach to data infrastructure in the era of AI. In his view, the potential solution to these threats is moving the data to a private cloud.
This way, he says, the data is still in the cloud but stored on a private network that doesn’t interact with the open internet.
Doble explains that one key advantage of a private cloud is the ability to confine access strictly to trusted entities within a secure virtual perimeter, which creates “a mini-internet for the firm.” He says that even if attackers use sophisticated methods like deepfakes, they cannot breach the system unless authenticated within this closed environment.
He adds that moving the data to a private cloud would have also prevented the LexisNexis breach. However, he warns that the migration will not be easy for big legal technology firms that used to rely heavily on legacy systems.
Doble explains that part of the challenge lies in how those platforms were originally engineered. He says they were built for the open internet and never designed to run locally or in walled-off infrastructures.
He points out that many legacy platforms follow a multi-tenant model, in which a single instance of the software runs on cloud infrastructure operated by the vendor and is accessed by multiple clients via the open internet.
While this has been the dominant paradigm for more than a decade, he warns that it leaves systems highly vulnerable to modern cyber threats, especially as AI agents become more prevalent online.
“You've got billions of people accessing the internet every day. Now, all of a sudden, you have a hundred times that number of entities because of AI agents that, in some cases, have been taught and trained to do fairly nefarious things.”
He argues that, in that environment, the open internet becomes an increasingly hostile space for any business-critical application.
Packaging these legacy platforms into a form that can be securely installed and operated within a private cloud would require monumental reengineering.
That, Doble says, is “almost impossible, but it has to be done.”