Cyber security strategy of many UK law firms leaving them at risk of attack
The lack of robust cyber security strategies in many UK law firms and barristers’ chambers is putting them at a significantly higher risk of attacks, according to a new discussion paper from AXELOS.
In the new AXELOS paper - ‘Cyber resilience in the UK Legal Sector’ – a legal IT veteran warns that law firms traditionally have been slow to adopt technology and best practices regarding cyber security, leaving large gaps in their cyber resilience strategy.
The legal sector is one built on managing the most valuable and commercially sensitive information of organizations and high profile individuals effectively. The risk of this information falling into the wrong hands is significant and can cause catastrophic financial and reputational damage to law firms and their clients.
The discussion paper outlines the vulnerability of the legal sector to a cyber-attack and the reasons why they are being targeted. It warns that employees are often the greatest vulnerability in their defences and explains how organizations in the legal sector can more effectively resist, respond and recover from attacks.
Paper author Matt Torrens, who is a legal IT veteran and entrepreneur, comments: “Cyber-crime is the ‘new normal’ and now the most common offence in the UK, as reported by IT Governance. To meet this significant challenge, not only should regulatory bodies evolve to enforce best practice, but also law firms must accept their responsibility to develop and maintain appropriate cyber-resilience strategies. This top-down-bottom-up approach will help the legal market deliver global best practice that is effective, practicable and demonstrates a market wide drive towards excellence.”
Nick Wilding, AXELOS head of cyber resilience, said: “For the legal sector to have effective cyber resilience it needs a two pronged plan of action in adopting best practice. First, they need to assess how they can harden their networks against their critical vulnerabilities and secondly, they need to educate their people through ongoing, engaging and practical cyber awareness learning. This is the best way to ensure the sector is fully prepared to protect its client’s most valuable information.”
In 2015, AXELOS launched a new Cyber Resilience Best Practice portfolio - RESILIA™ - a portfolio of cyber resilience best practice publications, certified training, staff awareness learning and leadership engagement tools designed to put people at the centre of an organization’s cyber resilience strategy, enabling them to effectively recognize, respond to and recover from cyber-attacks.
Read the full Discussion Paper.
See our RESILIA section for more information.
Latest News from
Project management skills in IT and cyber security14/06/2021 13:20:00
Blog posted by: Jason Dion – Dion Training, 11 June 2021.
Service Robotics and ITIL 4: enabling customer experience11/06/2021 13:20:00
Blog posted by: Mauricio Corona – Chairman, BP Gurus, 10 June 2021.
These aren’t just any outcomes…these are MSP outcomes of benefit10/06/2021 13:20:00
Blog posted by: John Edmonds – PPM Portfolio Development Manager, AXELOS, 08 June 2021.
How to move from project to programme management08/06/2021 13:20:00
Blog posted by: Andreea Iuras – Biopharma programme/project manager, 04 June 2021.
How focusing on user experience in ITIL 4 leads to value07/06/2021 13:20:00
Blog posted by: David Billouz – CEO, Ociris, 03 June 2021.
ITIL 4 Strategic Leader: for IT strategy planning today01/06/2021 13:20:00
Blog posted by: Chandramohan Sridhara – ICT Architect, 28 May 2021.
Addressing challenges with ITIL’s guiding principles28/05/2021 13:20:00
Blog posted by: Kirandeep Singh – Continual Service Improvement (CSI) Lead, 27 May 2021.
A new-look career path for programme and project managers25/05/2021 13:20:00
Blog posted by: John Edmonds – PPM Portfolio Development Manager, 25 May 2021.