The legal sector is at significant and growing risk of cybercrime, cyber attacks and scams, partly because of the sensitive data and significant monies held by law firms.
The SRA reported that in 2016/17, over £11m of client money was stolen due to cybercrime. In 2017/18, 60% of law firms reported an information security incident - almost a 20% increase from the previous 12 months.
These pages bring together guidance and support from the Law Society and external organisations to help firms understand and mitigate cybersecurity threats.
Sign up to our cybersecurity and GDPR news digest to receive:
If you are experiencing an issue seeing the sign-up form email Cybersecurity@lawsociety.org.uk
Chapter 2 of our guide on how to identify a cyber attack.
This guide explains how to recognise and prevent the different cybersecurity threats you and your firm might face.
If you've been hacked, you should follow your response plan to alert the right members of staff, take actions to stop the attack, and reduce the damage.
You should be aware of client confidentiality when talking to your insurers.
At an appropriate point, review the attack with your employees.
Chapter 1 of our guide to how to identify a cyber attack.
Chapter 3 of our guide on how to identify a cyber attack.
Your reporting duty will depend on the kind of cyber attack you've experienced and what the damage was.
Chapter 6 of our guide on how to identify a cyber attack.
Chapter 4 of our guide on how to identify a cyber attack.
Access our guidance and advice to help protect your firm against cyber threats
Learn more about products and services to help mitigate cybersecurity threats
Learn in this one hour webinar more about data transfer, adequacy decisions, EU/US Privacy Shield