By Legal Futures Associate Access Legal [1]
Cyber criminals mean business and it seems increasingly that their most attractive prime target is the law firm. For this reason, as a priority, Access Legal regularly runs cyber security events and panel discussions with law firms on the topic of Cyber Security.
Here are some law firm cybercrime statistics from the Solicitors Regulation Authority [2], from their recent visits to 40 practices where they carried out thematic reviews covering cyber security:
- 75% of law firms visited reported having been the victims of a cyberattack.
- For 23 of those that were directly targeted, over £4m of client money was stolen.
- Half of the firms were found to have allowed unrestricted use of external data storage media
- 25% of firms are not encrypting their laptops.
It is becoming increasingly challenging to protect your business from cyber-attacks. Today’s cyber criminals are progressing rapidly in terms of sophistication. A 2016 BT-KPMG report [3] talked about the ‘industrialisation of cybercrime’ having seen clear evidence that today’s cybercriminal works for complex operations akin to businesses, with human resources departments and budgets for research and development. And things have moved on even further since then. They mean business.
The pandemic has only heightened the cyber threat to law firms
The pandemic has only worsened things. With the overnight homeworking revolution last year and all the added cyber challenges that came with it, including a deluge of Covid-related scams, law firms with the nature of the data they hold, need to be more on-the-ball than ever.
The reputation of the firm is at stake
It goes without saying that the professional reputation of any law firm plays a critical role in their continued success, attracting clients and long-term relationships, which of course are the life blood of legal practice. American business magnate, investor, and philanthropist, Warren Buffets is famous for saying, “It takes 20 years to build a reputation and 5 minutes to ruin it.” Never has this statement been more pertinent, in the face of the daily cyber threats faced by all businesses, especially the legal profession.
What law firms can expect from this blog series
For the unprepared, there is no doubt the threat of cybercrime to law firms is a minefield. As a group of legal IT professionals, many of us whom have been working with leading law firms for 30+ years, we have grown alongside our law firm peers, learning and tackling together the legal profession’s mounting cyber security challenges as they have increasingly grown in seriousness year-on-year. We thought it would be useful, to map out what we believe are the main cyber security considerations for the next 12 months and our top tips for law firms wishing to bolster their cyber security policies for 2022.
As we approach 2022, we believe law firms must not only be sure that they themselves are doing all they can to protect their clients’ assets, data, and the firm’s reputation – but also that their trusted technology partners and software suppliers are on-the-ball with cyber security too. We also believe it is important that firms consider the bigger picture in terms of what the threat of cybercrime can do to law firm culture, and also take heed from the experiences of others across the legal landscape, especially learning lessons from those firms that have suffered the consequences of not acting soon enough to bolster their cyber security.
More Cyber Security Resources from Access Legal
- PDF Document: The Ultimate Guide to Cyber Security for Law Firms [4]
- Original source: Access Group’s complete guide to cyber security for law firms [5]
- Webinar Recording: Access All Areas Panel Discussion on Cyber Security October 2021 – Cyber Security for Law Firms – the trends, the threats and the considerations. [6]
- For help with your legal practice management software or digital learning and compliance you can reach Access Legal on 0845 345 3300 or via our online enquiry form [7]