Cybercrime and information security have become high-profile risks, especially for professional firms. In the Law Society of Scotland’s technology audit, almost half of survey respondents believed that maintaining cybersecurity was a challenge for law firms in Scotland.
Cybersecurity is an issue that requires the attention of all of us and not just the IT experts. In this regard, the terminology used in this area is not always helpful. The use of the words “cyber” or “digital” prefixed before more familiar words can put people off. The terms cyber-threat, cyber-risk and cybersecurity are too often used as catch-all terms and, for many, “cyber” or “digital” is still an indicator of something that is high-tech rather than commonplace.
Other terms can be confusing. “Malicious software” becomes “malware”. A type of malware that shares information with others becomes “spyware”. The act of tricking people online becomes “social engineering” or “phishing”. The truth is that this is all about internet safety and data protection. These issues can be made very simple if the jargon is removed or explained. By knowing the issues and adopting best working practices, everyone can help to minimise the risks.
Cybersecurity is an important issue for the legal profession. That is why the Society’s Technology Committee has produced a guide to help demystify some of the issues and take a pragmatic look at the risks and what solicitors can do to combat them.
The guide, which will be launched over the coming months, will provide solicitors with a best practice foundation for firms. There will be links to other sources of good advice so that members won’t need to be IT experts to help improve their firm’s security. There will be some simple steps which can help make all the difference. The guide will also include details on the risks of failing to protect data adequately, including the reputational impact that such a breach could have on a firm’s business, client relationships and ability to win work.
It is essential for the profession to have confidence in its digital future. This means being aware of cybersecurity risks while embracing opportunities for growth; and being able to assess which threats could affect business goals, whilst building the agility and skills needed to deal with them as they arise.
It’s time we demystified cybersecurity.
In this issue
- Pursuers' offers: proceed with care (1)
- Article 50: today, tomorrow and the two-year myth
- Tackling bribery: follow the US?
- Small holdings, big complexities
- Brexit: white paper, muddy waters
- Reading for pleasure
- Opinion: Caroline Kelly
- Book reviews
- President's column
- Land Register applications – the inside view
- People on the move
- Help on our shores
- The importance of thinking differently
- A new crime scene
- Embarking on the UK-EU negotiations
- Pursuers' offers: proceed with care
- From discount to premium
- The law, standing accused
- Equality – the global agenda
- The Discount Rate – what next?
- It's not over until it's over!
- Sheriff and jury – the big changeover
- Rates? Sorry, can’t help you there
- Looking beyond the U-turn
- Planning gain all round?
- Scottish Solicitors' Discipline Tribunal
- Nil rate IHT and the family home
- Voice of experience
- Quality Assurance Criteria amended
- Law reform roundup
- Ask Ash
- All change in the PRS
- I think you would like this
- Master Policy – what will be different?
- Scottish Arbitration Survey: please help
- Q & A corner: client due diligence at a distance
- Cybersecurity demystified
- Confidentiality and third-party complaints
- 1,000 student associates!