The National Cyber Security Centre, The Law Society and the National Cyber Security Industry 100 group have recently commissioned a report about the cyber threat to the UK Legal Sector. Whether you are a sole practitioner or a large global practice, this report provides valuable information about the technological threats that law firms are faced with today. From a risk management perspective, we feel that the report is a useful resource that you should be made aware of.

The report outlines the growing cyber threat to the legal sector, with 60% of law firms reporting an information security incident in 2017, up from 42% in 2014. The legal profession is an attractive target for cyber attackers as it has access to sensitive client information, significant funds and often plays a key role in commercial and business transactions.

Attacks can have a financial, organisational and reputational impact on a firm, no matter its size. Generally the main threat to the UK legal sector is from cyber criminals with a financial motive. However, those firms that handle sensitive clients or work in territories that are hostile to the UK may be at greater risk of attacks from hackers with a political or ideological agenda. In addition to small-scale attacks, cyber-attacks at a global level could affect firms who do not take adequate steps to protect themselves.

As well as providing an overview of the threat, the report highlights some real-life scenarios your peers have faced, coupled with practical advice and some simple steps that you can take immediately and easily to protect your practice.

Whilst cyber criminals' attacks become more and more sophisticated, continually improving your IT security through staff awareness and access to security experts will help to mitigate the risk. Following an attack, working with experts to get your business up and running again is increasingly important.  

Suitable insurance also helps to combat the threat. Your Professional Indemnity insurance (PII) is there primarily to protect your clients' interest, but it is not designed to protect your business interests. Given the relatively modest cost of sourcing a Cyber insurance solution that would provide your practice with the necessary support, we urge you to explore this option with your Lockton representative.

The market is full of different Cyber products, which vary in the scope and quality of cover they can offer. Lockton's Global Cyber Security team are recognised as industry leaders and have provided cyber security solutions for a range of sectors and business sizes.

Lockton has a number of products designed specifically for law firms of England and Wales, from pure Cyber through our Data Lock policy, to a fully-integrated solution through Inter Lock, which combines your SRA-approved PII policy with regulatory defence cost, Cyber and first-party Crime coverage.

If you would like to read the full report, visit: https://www.ncsc.gov.uk/blog-post/new-ncsc-report-highlights-threats-uk-legal-sector

To find out more about how your firm could benefit from improved cyber security, please speak to your Lockton representative.