If your system has been hacked
Reporting the attack
Learning from the attack
Informing your insurers
Knowing what to do after a cyber attack will help you protect your firm’s systems from further damage or loss, and your clients’ data from being compromised.
This guide explains how to:
If personal data is lost, you’ll need to know what to do under the General Data Protection Regulation (GDPR). You may need to tell the Solicitors Regulation Authority, and your clients if their data is affected.
You should know what to expect from your professional indemnity insurance and cyber insurance. Be aware of what client information you can give to your insurers. You should also know what you can tell your clients and other parties about your insurers.
> Next section: If your system has been hacked
Stay up to date with all things cyber with our weekly cybersecurity and GDPR newsletter.
New online course, GDPR for managers featuring downloadable checklists and valuable resources from the Law Society and ICO.