"Cybercrime is a near-constant threat to law firms." This is something we are now all far too used to hearing. But it is true, and because of this increased risk, good cyber security is now necessary to achieve Lexcel accreditation. Smart advances in cyber-attacks mean that staying up to date is certainly the first line of defence.

The nature of the information Law firms hold mean they become attractive targets for cyber-attacks. The risk outlook 2018/19 report by the SRA found that cybercrime has risen 52% against law firms in recent years. This included crimes such as email modification fraud, phishing and malware, among others. All of which can pose devastating consequences for the company and their reputation. When cyber-attacks are successful, firms can lose access to their technology systems, have funds stolen, and suffer data breaches.

This threat has been recognised to the point that the popular Lexcel scheme now requires its members to show basic cyber security to achieve accreditation. An increased reliance on technology means that firms need to continually add new safety measures to prevent attacks.

The latest revision of the Lexcel standard, now states that “Practices must have an information management and security policy and should be accredited against Cyber Essentials.” Granted, this is not a direct requirement to achieve accreditation, but it does make it clear that Cyber Essentials ensures the necessary requirements are met for minimum cyber security levels.

 

What is Cyber Essentials?

Cyber Essentials is a government backed scheme. The purpose of which, to help organisations guard against the most common cyber-attacks. Designed to be size agnostic, Cyber Essentials allows firms to ensure they are meeting the minimum requirements to maintain IT security. At its most basic level, Cyber Essentials consists of a self-assessment. Your firm completes the questionnaire, which oversees what measures are currently in place. This is then verified by a certification body to confirm if the standard has been achieved.

 

Why is Cyber Essentials important?

Cyber Essentials lets everyone know that you’re taking cyber security seriously. Most cyber-attacks are actually very basic in nature. Having a few measures in place can set the groundwork to prevent these attacks from being successful.

It also shows that you’ve got the structure in place to keep information secure. This includes simple IT protections including firewalls, patch management and user access control. Though simple, each method is highly effective at preventing cyber criminals from succeeding.

By taking cyber security seriously, you show a commitment to ensuring the best for your customers. Your reputation can be boosted, with a knock-on effect on business too.

 

How can you get Cyber Essentials?

As mentioned, Lexcel accreditation now advises that Cyber Essentials should be gained. There are 2 forms available, both of which can be supported by Oosha.

The first is the basic level of Cyber Essentials. This consists of the self-assessment questionnaire. Cyber Essentials Plus has the added element of internal vulnerability testing. This looks at the current systems in place as well.

Working alongside a tech company can highlight issues which may prevent successful application. It can also make it easier to work to resolve these, so a pass is achieved. 

 

Matthew Newton
Matthew Newton
Managing Director, Oosha
lexcel hexagon image

“Practices must have an information management and security policy and should be accredited against Cyber Essentials.”

Lexcel Standard

RELATED ARTICLES

Is Windows Virtual Desktop a game-changer for law firms?

VDI (Virtual Desktop Infrastructure) is a fully formed Windows 10 desktop delivered directly to an end user via the cloud. To date, it has been a popular use of the cloud amongst legal firms. And it’s no surpri...

What does legal innovation really mean?

The phrase “legal innovation” has become a bit of a buzzword amongst law firms. And there’s a good reason for it. An SRA Survey found that 40% of firms had already put in place procedures to support innovation,...

How to get your partners on board with cyber security

In the typical law or accountancy firm, it’s always the partners who are looked upon to spearhead change and keep the practice moving forward with the times. But while the partners might know the industry insid...

blog-subscribe-bg

Like what you see?

Join our mailing list to receive the latest insights on legal and accounting technology