As a senior decision-maker in a legal firm, the information held on your databases and systems is vital. You are the trusted guardian of some or all of the following types of information:
- criminal case files
- litigation strategies
- patent information
- bank account information
- market-sensitive information
- human rights cases
- commercial deals, including mergers and acquisitions.
It is no wonder that legal firms are increasingly singled out by cybercriminals: the information you hold has a high resale value on the black market.
So, what should you do? What are the key factors to consider when building a culture of cyber resilience into your systems and your people?
What is cyber resilience?
Cyber resilience is “an entity's ability to continuously deliver the intended outcome despite adverse cyber events. Cyber resilience essentially brings the areas of information security, business continuity and (organisational) resilience together.”
Cyber resilience is different from cyber security. Cyber security is about the controls you put in place to stop an attack succeeding. Cyber resilience is the strategy for keeping your practice running before, during and after an incident, on the assumption that some attacks will get through. What the two have in common is that neither works without a culture that supports it, and that culture is always led from the boardroom.
Cyber resilience is part of the same culture as cybersecurity
Cyber resilience deals with planning and preparing for a security incident. Part of that is training people in key management positions to recognise risks and threats and to pass them immediately to the IT team or outsourced managed service provider, rather than sitting on them.
For example, what if your internal systems are infected with ransomware and the attackers demand a substantial sum to restore access to, or not to destroy, your records? In that situation, cyber resilience means knowing exactly what you have backed up, where it is held and when it was last updated, and having tested that it can actually be restored. Two caveats matter here. Backups that sit on the same network, reachable with the same credentials, are usually encrypted along with everything else, so at least one copy should be offline or otherwise unreachable from the live systems. And a backup that has never been test-restored is a hope, not a plan. If the worst happens and the attack corrupts or deletes records, you can restore that data onto your network once the ransomware has been completely removed.
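The backup questions above (what is backed up, when, is a copy out of reach of the live network, and does a test restore match what was recorded) can be answered by a script run against the backup job's manifest. The block below is an added example written for this page, not Sprout's tooling or any vendor's API; the datasets, timestamps, locations and the "corrupted" restore are all constructed to illustrate each failure mode, and the field names in the manifest are assumptions about what a backup job would record.

```python
"""Backup inventory check for a test restore.

For each dataset: is the backup within the allowed age, is there at least one
offline (network-unreachable) copy, and does the restored data match the hash
recorded when the backup was taken? All data here is constructed.
"""
import hashlib
from datetime import datetime, timedelta, timezone


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def iso(ts: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp such as 2024-05-01T02:00:00Z."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


# Constructed contents as they were when the backups were taken (stand-ins
# for real case files; not real client data).
ORIGINAL = {
    "case-files": b"R v Example: witness statements, exhibit index ...",
    "billing": b"ledger 2024-Q1: ...",
    "hr-records": b"staff handbook v3 ...",
}

# Constructed manifest in the shape a backup job might record (field names are
# an assumption). "offline": True marks a copy that ransomware on the live
# network cannot reach (tape, or storage with independent credentials).
MANIFEST = {
    "case-files": {
        "taken": "2024-05-01T02:00:00Z",
        "sha256": sha256_hex(ORIGINAL["case-files"]),
        "copies": [{"location": "cloud-eu", "offline": False},
                   {"location": "tape-01", "offline": True}],
    },
    "billing": {
        "taken": "2024-04-20T02:00:00Z",
        "sha256": sha256_hex(ORIGINAL["billing"]),
        "copies": [{"location": "cloud-eu", "offline": False}],
    },
    "hr-records": {
        "taken": "2024-05-01T02:00:00Z",
        "sha256": sha256_hex(ORIGINAL["hr-records"]),
        "copies": [{"location": "cloud-eu", "offline": False},
                   {"location": "tape-01", "offline": True}],
    },
}

# What a test restore actually brought back. hr-records is deliberately
# corrupted (two trailing NUL bytes) to show the hash check catching it.
RESTORED = {
    "case-files": ORIGINAL["case-files"],
    "billing": ORIGINAL["billing"],
    "hr-records": b"staff handbook v3 ...\x00\x00",
}


def assess(manifest, restored, now, max_age=timedelta(hours=24)):
    """Return {dataset: [problems]}. An empty list means the dataset is
    fresh, has an isolated copy, and restored byte-for-byte."""
    report = {}
    for name, entry in manifest.items():
        problems = []
        if now - iso(entry["taken"]) > max_age:
            problems.append("stale")
        if not any(c["offline"] for c in entry["copies"]):
            problems.append("no offline copy")
        data = restored.get(name)
        if data is None:
            problems.append("restore missing")
        elif sha256_hex(data) != entry["sha256"]:
            problems.append("hash mismatch")
        report[name] = problems
    return report


def run_example():
    """Assess the constructed manifest as of 09:00 UTC on 1 May 2024."""
    now = datetime(2024, 5, 1, 9, 0, tzinfo=timezone.utc)
    return assess(MANIFEST, RESTORED, now)


if __name__ == "__main__":
    for name, problems in run_example().items():
        print(f"{name:12} {'OK' if not problems else ', '.join(problems)}")
```

The manifest hashes are what make the "can we restore it" question answerable: without a recorded digest, a restore that comes back the right size but with corrupted content looks fine until someone opens the file. The 24-hour threshold and the 180-day figure elsewhere are illustrative; the firm's own recovery objectives set the real values.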
Another major area where cyber resilience protects both your firm and your clients is the intelligent and consistent use of encryption. When working off-site, can your staff open client data without entering a password or PIN to unlock the device or decrypt the files? If so, losing that device, and everything downloaded onto it, presents your practice or chambers with serious GDPR and client-trust problems, because the data is readable by whoever picks it up. Note that a login password on its own does not protect the data: a drive taken out of a lost laptop can be read in another machine unless the disk itself is encrypted. Work with your outsourced managed services provider to ensure that full-disk encryption is enforced on every laptop and phone that can hold client data, that the recovery keys are held centrally, and that documents downloaded to a new device are only ever stored on an encrypted volume.
Test your systems for vulnerabilities regularly, and keep every piece of software on your wider estate patched, including programs that are rarely used. If a program has not been used for a significant length of time, ask whether it can be removed permanently: software that has been abandoned or deprecated but still sits on company servers and networks is one of attackers' favourite ways in, because nobody is patching it or watching it. If it is still needed, it must be patched and kept within vendor support like everything else.
Consider putting your organisation through the Cyber Essentials certification, the UK government-backed scheme. You may even wish to go for ISO 27001.
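The patch-or-remove decision above can be applied mechanically to an installed-software inventory. The block below is an added example for this page, not Sprout's tooling or any vendor's product; the product names, versions, last-used dates and support-end dates are constructed, and the inventory field names are an assumption about what an asset-management export would contain. The ordering of the checks is the point: software past vendor support cannot be made safe by patching, so it is flagged for removal before anything else is considered, and software with no record of use is queued for review even when it is up to date.

```python
"""Review an installed-software inventory: what to patch, what to remove.

Constructed inventory for illustration; not a real firm's estate.
"""
from datetime import date, timedelta

# Constructed inventory as an asset tool might export it (field names are an
# assumption). last_used=None means there is no record of it ever running;
# support_ends=None means the vendor has published no end-of-support date.
INVENTORY = [
    {"name": "CaseMgr", "version": "8.2", "latest": "8.4",
     "last_used": date(2024, 4, 29), "support_ends": date(2027, 1, 1)},
    {"name": "DocMerge", "version": "2.1", "latest": "2.1",
     "last_used": date(2021, 3, 2), "support_ends": date(2022, 1, 1)},
    {"name": "TrialTool", "version": "3.0", "latest": "3.0",
     "last_used": date(2024, 1, 15), "support_ends": None},
    {"name": "OldFTP", "version": "1.4", "latest": "1.9",
     "last_used": None, "support_ends": None},
    {"name": "PdfSign", "version": "5.0", "latest": "5.0",
     "last_used": date(2024, 4, 30), "support_ends": date(2025, 6, 30)},
]


def classify(item, today, unused_after=timedelta(days=180)):
    """Return the action for one inventory entry.

    Checks run in priority order: out-of-support software is removed
    regardless of use, unused software is reviewed for removal regardless
    of version, and only then does an available update mean "patch".
    """
    if item["support_ends"] is not None and item["support_ends"] <= today:
        return "remove: out of vendor support"
    if item["last_used"] is None or today - item["last_used"] > unused_after:
        return "review for removal: unused"
    if item["version"] != item["latest"]:
        return "patch: update available"
    return "ok"


def review(inventory, today):
    """Map each product name to its recommended action as of `today`."""
    return {item["name"]: classify(item, today) for item in inventory}


def run_example():
    """Run the review against the constructed inventory as of 1 May 2024."""
    return review(INVENTORY, date(2024, 5, 1))


if __name__ == "__main__":
    for name, action in run_example().items():
        print(f"{name:10} {action}")
```

Anything flagged "review for removal" is still installed and still reachable until it is actually uninstalled, so it stays in the patching cycle in the meantime; the review tag only starts the conversation with the business owner about whether it is needed at all.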
Cyber resilience audit
Find out more about cyber crime and speak to the Sprout team today on 020 7036 8530 or at firstname.lastname@example.org. Working with you, we will discover how cyber resilient your practice or chambers is today and what it needs to do to get where you and your clients need it to be.