Like most businesses, law firms are increasingly reliant on IT and technology to deliver their services, and are falling victim to a range of malicious cyber activities.
In the last year, 60% of law firms reported an information security incident - an increase of almost 20% from the previous 12 months - whilst the Solicitors Regulation Authority (SRA) reports that over £11m of client money was stolen due to cyber crime in 2016-17.
The NCSC's 'The cyber threat to UK legal sector' report explains the current cyber security threats that are targetting the legal sector, illustrated with high-profile case studies such as the Mossack Fonseca data breach. The report also offers practical guidance to help firms put relevant protections in place. It's been developed in partnership with the NCSC Industry 100 scheme and the Law Society, and forms part of the NCSC’s mission to raise the cyber maturity and resilience of UK law firms.
The report has been produced for senior decision makers in the legal sector, with the aim of encouraging industry-wide adoption of cyber security best practice. As well as reading this report, we're encouraging law firms of all sizes to sign up to the NCSC's free Cyber Security Information Sharing Platform (CiSP), a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment. In addition, UK-based law firms can now sign up to a new, private 'Legal Sector' group, tailored to their specific needs.
For more details on how to register for CiSP, please refer to the CiSP sign-up pages (the NCSC, the Law Society or the Bold Legal Group can sponsor your organisation, if required). And if you've any feedback about the report, please let us know in the comments section below, or by using the Contact Us page.
Partnership Lead, NCSC