LawGuard is a managed cyber-security standard for legal firms based on the UK Government’s Cyber Essentials standard protecting against approximately 80% of the most common cyber threats. This enables a firm to demonstrate to clients, insurers and investors that they are committed to good cyber-security.
LawGuard has been specifically designed to be compatible with your existing cyber-security and IT solutions which may continue to be used if they comply with LawGuard standard. If not LawGuard can optionally provide a full suite of fully managed solutions to ensure robust cyber-security.
There are two versions of LawGuard; standard and Gold with standard concentrating on technical controls and protection, and Gold adding Information Assurance processes such as risk assessments, asset registers and business continuity plans.
The standard package consists of the following core components:
Cyber Security Risk Assessment – The LawGuard process begins with a free general cyber risk assessment which is completed online either independently by the applicant or with our assistance. The answers are reviewed by our technical and compliance experts and a customised report sent to the applicant.
Audit, report and certification to Cyber Essentials – Cyber Essentials is a UK Government cyber security standard and is required for many government and other contracts. Based on five key technical controls it protects against about 80% of the most common cyber security threats.
Audit, report and certification to Cyber Essentials plus – Cyber Essentials Plus is an audited version of the Cyber Essentials Standard where a qualified assessor tests a firm’s security controls, reports on findings, then awards certification when the required standard has been met.
Award of LawGuard Certification
Monthly security scanning – LawGuard will scan your Internet endpoints on a monthly basis for any new vulnerabilities or risks. Configuration changes can introduce vulnerabilities, and risks are constantly evolving.
Maintenance and renewal of certification – The LawGuard, Cyber Essentials and IASME standards are constantly evolving based on new threats and best practice and are regularly updated to reflect this. Certification also needs to be renewed on an annual basis. As part of the LawGuard solution we will ensure that customers are notified of any changes to the standards, and advise on what needs to be done to achieve compliance on renewal. We will fully manage the renewal process for the duration of the contract to ensure continuous protection and compliance to UK Government standards.
Ongoing advice and helpdesk – As part of the LawGuard service we will provide ongoing cyber security advice and helpdesk support for all firms holding the standard.
LawGuard Portal – The LawGuard portal is securely accessible on the Internet, customised for legal firms and can be used by the applicant to view and complete questionnaires, track compliance status and view reports.
LawGuard Gold adds and Information Assurance audit and support to achieve IASME standard. Information Assurance for Small to Medium Enterprises (IASME) is a well-recognised information assurance standard based on the core values of ISO27001 and can be as a stepping stone to achieving full compliance. It covers areas such as business continuity, asset tracking and risk assessments, and is required for many government and other contracts.
Financial Eye has developed a service that will assist COFAs deal with the burden of regulatory requirements. COFA plus incorporates all of the recording and reporting elements of the SRA Accounts Rules 2011, and a lot more.