<img alt="" src="https://secure.refl3alea.com/149779.png" style="display:none;">

      Recommended Blogs

      • The P@$$W0rd is dead!

        Passwords have always been a burden on both clients, service providers and IT departments; Rules of complexity, how a ...

        Read More
      • Christmas shopping for an unusual year

        2020 has been a very interesting year and the majority of us have found that our plans for this year have gone directly ...

        Read More
      • Password security while using social media and online applications

        In 2018 Facebook disclosed that nearly 50 million accounts had been compromised by a large-scale attack on the social ...

        Read More
      • Keep your legal firm secure when posting content on company social media accounts

        Picture this - You have a fantastic photo of a colleague celebrating a work achievement with a cake at their desk and ...

        Read More
      • Sprout Sessions - UK Legal - Cyber Security Early Adopters

        Watch the recording of our webinar on the 18th June 2020.   

        Read More
      Cyber resilience and the UK legal sector
      BY SproutIT

      Legal firms, large and small, are very attractive targets to cyber-attackers for a number of different reasons, the three most important of which, according to the National Cyber Security Centre and the Law Society. 



      Some of these reasons are:

      • sensitive client information,
      • access to the significant company and client funds often held by solicitors’ practices and barristers’ chambers (£731,250 of client money was lost between January and June 2019 )
      • and the commercially confidential information they hold on corporate clients

      From Sprout IT’s general work with partners and IT heads in the legal sector, we can see how many of you genuinely appreciate the seriousness of the current threat in being the victim of a cyberattack.





      You are right to be – 60% of UK law firms reported “suffering an information security and data loss security incident in 2018”3 . In 2019, the situation worsened further. According to Crowe, KYND, and University of Portsmouth’s Centre for Counter Fraud Studies’ 20194 report into the preparedness of British legal firms against information security and data loss security incidents, the following was found:

      • 91% have either had their website address or email servers spoofed
      • 80.5% of firm’s IT systems featured one or more hardware or software component with a well-known vulnerability whose presence could be exploited by cyber-attackers
      • 21% of legal firms’ IT systems (including the devices connecting to those IT systems) used software which was either out of date or which was no longer supported by the vendor
      • 23% of companies in the legal sector had one or more security certificate which had either been distrusted, revoked, or had expired – preventing clients and other stakeholders from being able to connect securely
      • 79% of firms had one or more website domains not registered to the company but to an individual – a significant red flag over future control of those domain names and the ability to continue to trade with them

      The National Cyber Security Centre and the Law Society go on to warn that, although most attacks are currently financially motivated, cyberattacks are now being used by governments for “gain strategic and economic advantage”. But how cyber resilient are British law firms? In recent weeks, we carried out a survey of a select group of solicitors’ practices and barristers’ chambers and, in this white paper, we present the results together with the latest advice from our experts on building in cyber resilience to your legal organisation. 





      Cyber Security legal IT legal technology cyber resilience legal industry industry report,