"Cybercrime is a near-constant threat to law firms." This is something we are now all far too used to hearing. But it is true, and because of this increased risk, good cyber security is now necessary to achieve Lexcel accreditation. Smart advances in cyber-attacks mean that staying up to date is certainly the first line of defence.

The nature of the information Law firms hold mean they become attractive targets for cyber-attacks. The risk outlook 2018/19 report by the SRA found that cybercrime has risen 52% against law firms in recent years. This included crimes such as email modification fraud, phishing and malware, among others. All of which can pose devastating consequences for the company and their reputation. When cyber-attacks are successful, firms can lose access to their technology systems, have funds stolen, and suffer data breaches.

This threat has been recognised to the point that the popular Lexcel scheme now requires its members to show basic cyber security to achieve accreditation. An increased reliance on technology means that firms need to continually add new safety measures to prevent attacks.

The latest revision of the Lexcel standard, now states that “Practices must have an information management and security policy and should be accredited against Cyber Essentials.” Granted, this is not a direct requirement to achieve accreditation, but it does make it clear that Cyber Essentials ensures the necessary requirements are met for minimum cyber security levels.


What is Cyber Essentials?

Cyber Essentials is a government backed scheme. The purpose of which, to help organisations guard against the most common cyber-attacks. Designed to be size agnostic, Cyber Essentials allows firms to ensure they are meeting the minimum requirements to maintain IT security. At its most basic level, Cyber Essentials consists of a self-assessment. Your firm completes the questionnaire, which oversees what measures are currently in place. This is then verified by a certification body to confirm if the standard has been achieved.


Why is Cyber Essentials important?

Cyber Essentials lets everyone know that you’re taking cyber security seriously. Most cyber-attacks are actually very basic in nature. Having a few measures in place can set the groundwork to prevent these attacks from being successful.

It also shows that you’ve got the structure in place to keep information secure. This includes simple IT protections including firewalls, patch management and user access control. Though simple, each method is highly effective at preventing cyber criminals from succeeding.

By taking cyber security seriously, you show a commitment to ensuring the best for your customers. Your reputation can be boosted, with a knock-on effect on business too.


How can you get Cyber Essentials?

As mentioned, Lexcel accreditation now advises that Cyber Essentials should be gained. There are 2 forms available, both of which can be supported by Oosha.

The first is the basic level of Cyber Essentials. This consists of the self-assessment questionnaire. Cyber Essentials Plus has the added element of internal vulnerability testing. This looks at the current systems in place as well.

Working alongside a tech company can highlight issues which may prevent successful application. It can also make it easier to work to resolve these, so a pass is achieved. 


Matthew Newton
Matthew Newton
Managing Director, Oosha
lexcel hexagon image

“Practices must have an information management and security policy and should be accredited against Cyber Essentials.”

Lexcel Standard


Is your legal IT platform still fit for purpose?

Improving tech provision is a huge issue for law firms. A recent PWC survey showed that all the top 10 law firms rated technology as a challenge to tackle between now and 2020. But recognising a challenge and a...

Key technology considerations for merging law firms

They say if you can’t beat them, join them. So in the highly competitive legal industry, it should perhaps be no surprise that mergers take place so frequently. In 2017 alone, there were 16 mergers involving th...

How an ageing IT platform impacts law firm performance

Since the birth of the digital era, the rapid rate of technological change has laid down a number of significant challenges to the legal industry. Firstly, there’s the challenge to keep up to date with the lega...


Like what you see?

Join our mailing list to receive the latest insights on legal and accounting technology