Financial Eye, our risk management partners who work closely with the legal profession, have always been dedicated in advising the profession that the SRA will take a tough stance against firms who are not proactive in protecting client monies and assets. To illustrate this the SRA recently issued a rebuke where a firm was subject to a cyber-attack which resulted in client monies being diverted to fraudsters.
Financial Eye cannot stress enough to firms the devastating consequences that a cyber breach can have on the day-to-day running of their business, their reputation and their finances. It should not be under-estimated the time taken to deal with a successful cyber- attack.
The first question to a law firm is always “Do you have Cyber Essentials or Cyber Essentials Plus?” This is significant as the Government believes that all firms who handle sensitive data should implement a core set of security controls, as an absolute minimum, given the serious nature of the threat in the UK – Cyber Essentials defines what these controls are.
BENEFITS OF LAWGUARD
Many firms are struggling to find a cost-effective and practical way to implement Cyber Essentials across their organisation. It is for this reason that Financial Eye have introduced LawGuard as an enhanced product of the Government-backed Cyber Essentials scheme. It specifically provides the legal profession with a managed cyber security solution that incorporates and enhances the Government-backed Cyber Essentials scheme.
A recent research analysis from GCHQ showed that the vast majority of cyber-attacks exploit basic, known vulnerabilities, like passwords and admin access policies. Cyber Essentials shows you how to address these vulnerabilities – it is simple, low cost and specifically designed for SMEs.
Legal professionals who implement LawGuard will, subject to meeting all the relevant criteria, receive the Cyber Essentials certification. At the outset, they will receive a free Cyber Risk Assessment, which can be completed online, and reviewed by our technical and compliance experts. A monthly Cyber Vulnerability Assessment of internal networks and connected equipment will also be provided.
Importantly, LawGuard will address the ever-present threat of phishing. Phishing emails are fraudulent attempts to steal information or infect the computer with malware. An important way to
protect yourself is to learn how to recognise a phishing email attempt. LawGuard offers a simulated phishing campaign which will identify any areas of vulnerability that may require attention.
LawGuard has been designed to be compatible with a firm’s existing cyber security and IT solution which, if they comply with the LawGuard standard, can continue to be used. If not, LawGuard will discuss an alternative solution to ensure the firm is cyber secure.
Risk management is the fundamental starting point for the legal profession to protect their data information, their finances and, equally as important, their clients’ databases and money.