Cyber Risk Screening for law firms
Cyber security and data breaches are an immediate concern for organisations of all sizes, but in particular for law firms, which deal with a considerable volume of sensitive information.
The recent report ‘The cyber threat to the UK legal sector 2018’, written by the National Cyber Security Centre (NCSC) in collaboration with the Law Society, the Solicitors Regulation Authority, Action Fraud and the National Crime Agency, highlights the latest trends and quantifies the monetary damage related to cyber attacks and data breaches. Specifically, in the UK more than £11 million of client money was stolen by cyber criminals between 2016-2017 and 60% of law firms reported at least one information security incident in 2017 – an increase of almost 20% on the previous year.
Phishing, data breaches, ransomware and supply chain compromise are increasing trends, but why are law firms particularly susceptible to cyber attacks and targeted by hackers?
There are 3 main reasons:
1. They collect and manage very valuable and confidential data, such as trade secrets, intellectual property, and information related to future business deals, mergers and acquisitions, etc. For criminals, this can be seen as an easy way to gain money by extorting payment through ransomware, or by accessing private data and selling it on the black market.
2. They handle significant funds and are a key enabler in commercial and business transactions.
3. They aren’t fully equipped and prepared because it is difficult to have proper policies, defensive procedures, and precautions in place to effectively manage cyber risks and neutralise the dynamic nature of cyber threats.
Every business relies on numerous types of data, including personal, customer, financial and commercial information. A data breach or cyber attack can cause business and reputational damage, as well as regulatory and compliance issues. Losing money, customers and competitive advantage due to an unexpected interruption of trading and activities could seriously jeopardise the future of the business itself.
Would you like to manage cyber risk in 4 simple steps?
1. Enter your domain name and answer a few questions
2. After the screening, check the report
3. Clearly and quickly see any cyber risks affecting your organisation
4. Take action and plan to fix them immediately.
Available as a one-off assessment or regular monitoring, Cyber Check (powered by KYND’s cyber risk technology) undertakes immediate screening and instantly provides a report detailing the organisation’s cyber risk exposure and vulnerabilities, helping law firms and legal practices take immediate action to proactively manage cyber risk. The service is quick and easy to use, and IT expertise is not required. Risk exposure and severity is immediately clear, and the user can prioritise the actions to be taken.
CRIF has recently enriched its risk management solutions with CYBER CHECK, a product powered by KYND, to help businesses understand their cyber risks and mitigate them. CRIF is a major investor of KYND, a pioneering cyber risk management company headquartered in London and founded in February 2018.