Cyber security report for UK law firms – Welcome, but doesn’t go far enough

Law firms are a highly prized target for a specific type of cyber attacker.

Unfortunately for us the traits of that type include;

  • High degree of business acumen
  • Understanding of organisational behaviour
  • Emotional intelligence

Worst of all, they have patience. These malicious actors can afford to play the long game. Employee data is freely available, from the SRA ‘Find a Solicitor website, and the industry’s fashion to advertise employees’ roles and contact details on their own website. This presents a large, low cost database to attack.

And attack they do. As the National Cyber Security Centre’s recent report, ‘The cyber threat to UK legal sector‘ points out reported incidents have increased nearly 50% over the last five years.

It’s a welcome report and could help in getting a cyber security conversation started in a practice. From our own, albeit anecdotal, evidence we block more highly targeted threats against our legal clients, compared to our non-legal ones.

However, we don’t believe the report goes far enough or is clear enough in its recommended actions that a law firm should take. With just a little investment, cyber security protection can be greatly enhanced.

Email phishing is a great example. Unless you are a multinational corporation, your email server probably resides in the UK. Many of the phishing emails you receive, spoofed to appear to come from a senior partner, will come from outside of the UK. An email filtering service, that probably costs less per month than a typical employee spends on coffee to go per day, could block those emails before they reach a colleague’s inbox.

At Abtec we take a layered approach to cyber security. Extending beyond technology, our approach encompasses an organisation’s processes and people. This way we can help protect your online and offline assets and reputation.  See how we help other law firms get the most from their IT investment.

Call us on 01858 438 500 to find out how we’ve helped protect other law firms against cyber security threats.

Comments are closed.