What is it?
Information security breaches can have serious consequences for both firms and clients. Many of the risks with paper files can be managed through effective IT, however Cyber Security then needs to be considered and this is an increasingly widespread issue.
Why is it important?
The SRA wants law firms to be aware of information security breaches and take proportionate measures to protect their clients. Law firms are targeted by criminals as they hold sensitive information and large amounts of money, they can also add credibility to a potential attempt to defraud. The scams include:
- Malware – software viruses and programs allowing access to data
- Social engineering – where a criminal gains confidential information through building a personal relationship with a law firm employee
- Friday afternoon fraud – using details gained from hacking to impersonate a bank or client
- CEO fraud – where a criminal impersonates a senior figure at a law firm by impersonating or hacking their e-mail address.
What does the COLP/COFA need to be mindful of?
- Forewarned is forearmed – well-informed staff are less likely to be tricked
- Inform the police, the SRA and the bank immediately if an attack is suspected or taking place
- Always confirm the identity of others
- Periodically do online checks to check no-one is impersonating you or your firm
- Further tips on becoming more cyber secure in the government’s cyber essentials scheme – https://www.gov.uk/government/publications/cyber-essentials-scheme-overview
By Lisa Charles