Friday afternoon computer issues are the last thing any Conveyancer needs, but how often is a phishing email put down to IT issues? At the busiest of times it is easy to overlook simple spelling errors, a slight change in email addresses and an inconsistent use of telephone numbers.
The Government recently introduced a ‘Cyber Essentials Scheme’i that aims to provide a framework of how to avoid simple threats and clean up any bad habits that may have been developed. This is essentially a bare minimum that firms should be working towards to ensure that they are not another story in the tabloids.
Weightmans partner, Mickaela Fox, commented:
“Law firms will always be at risk from cyber attacks because of the assets they hold, the type of transactions they do and the access they provide to other organisations. Firms need to recognise that risk and manage it. Cybercrime is not just an IT problem so the risk cannot be effectively managed with an IT solution alone. Staff need to be educated about why the firm is a target for cyber criminals and the methods used by them to attack the firm’s confidential data, client account, disrupt its operation –whatever the criminals’ objective may be.
“Cybercrime represents one of the biggest risks to professional service firms, and whilst we have seen criminals adapting their approaches as public awareness of cyber crime grows, it shows no sign of abating.”
The risk is growing, cyber insurance is an area that more firms may look towards to make sure that they are securing against potential losses but by this point the damage has already been done and it’s a case of too little, too late. It is imperative that the correct and proper due diligence is being carried out to shrink the target for all parties involved, when and where possible preventative measures should be put in place.
Conveyancers are generally high-risk to insure. Some PI providers maintain that only the more experienced within the profession-those who have been through the recession and completed a greater deal of transactions, are the only firms able to provide evidence of a robustness that reduces premiums. However this does not always mean that the firm has had the time to implement the correct training against cyber scams, and even when this has been implemented it does not offer a guarantee to deter cyber criminals picking your firm, far from it.
i https://www.gov.uk/government/publications/cyber-essentials-scheme-overview
