Does your firm have a basic cyber security strategy in place?
We have joined forces with Lawyer Checker to provide a free webinar on Cyber Security Top Tips. Join us on Tuesday, November 3rd 2020 @ 11:00AM. Register your place here.
Ensuring your firm is cyber secure is an ongoing commitment
PriceWaterhouseCooper, among others, has recently highlighted the rise in cyber security incidents. They have given a number of reasons why this could be, including:
- Organised crime groups likely see this as an opportunity to target organisations in desperate situations
- Opportunistic reconnaissance identifying vulnerabilities, possibly related to rapidly stood up remote working practices
As law firms handle both large amounts of personal data and client monies, they are an attractive target for cyber criminals. There is evidence to suggest cyber-attacks against law firms are rising with 73 of UK top 100 targeted.
In fact, the WHO reports “a dramatic increase in the number of cyber-attacks directed at its staff, and email scams targeting the public at large.”
The top 5 questions to ask yourself about the dangers of cyber crime
With many staff still unable to come into the office, here are 5 questions to help you consider where your business is now in terms of ongoing cyber security:
- How up to date are your current cyber security policies?
- Do these policies take increased home working into account?
- Do you know if the home network of your employees is secure?
- Are there any new or emerging cyber threats to be aware of?
- Do you have the expertise in-house to deal with cyber security or do you need to outsource to experts?
Cyber crime exploits uncertainty and lack of knowledge
The best way to be prepared is to be aware of the risks and plan accordingly. For example, you could choose to put together a strategy based on the suggestions listed below:
- Plan as if you were going to be attacked. Cyber criminals are looking for easy or lucrative targets, regardless of size or turnover
- Look at your firm’s password creation policy. You’d be surprised how many people still use names of children and their date of birth as a password. Insist your passwords follow a particular structure, dictating length, use of capital letters, numbers and special characters
- Ensure you have a robust system in place that backs up your data frequently
- Back up your data in different locations, both on and offline, to make you less vulnerable to a ransomware attack
- Ensure the safety of personal information of staff and customers is protected
- Invest in staff training. Make staff aware of different types of cyber attacks, including phishing, and know the procedure to report a suspected attack
- Get expert advice. It’s worth outsourcing to experts if you don’t have your own cyber security staff
How can we help?
OneSearch Direct can help prevent identity theft through our Lawyer Checker products. These reports provide peace of mind that you are sending client monies to the intended parties. All searches are conducted in real time and offer an enhancement to your due diligence and cyber risk management.
Lawyer Checker is a simple but effective online service that allows you to check the vendor conveyancer that you are sending money to. When account and firm details are submitted, Lawyer Checker will identify if there is a track record of previous use associated with that account.
When you send or receive client funds, can you be sure you know whose account it is? Whether sending or receiving client monies, Consumer Bank Account Checker validates the source or destination of funds.
It’s almost impossible to assess the damage a cyber attack could do to your firm, so being pro-active is vital.
To join our free webinar on Cyber Security Top Tips on Tuesday, November 3rd 2020 @ 11:00AM, register your place here.
In this webinar, Tom will answer questions and share hints and tips about Cyber Security prevention for law firms including:
- The no brainers
- The no’s
- Where can I point my staff to help educate them?
- Password security
- How can I stop a criminal impersonating our email address?
- How do we monitor if our email passwords our available for sale on the dark web?