A new guide for solicitors setting out steps to help reduce the risk of cyber attacks has been published today by the Law Society of Scotland.

The Guide to Cybersecurity sets out key risk areas, the potential impact and consequences of a cybersecurity breach and what solicitors, and their staff, can do to help significantly reduce the likelihood of a successful attack on their business. It also highlights the need for a well thought out response and disaster recovery plan in the event of a successful cyber attack.

A copy of the guide, which has been sponsored by IT consultancy Quorum and cyber security company Sapphire, will be sent to all law firms. It can also be read on the Society’s website.

Helena Brown, vice convener of the Society’s Technology Law & Practice Committee, and data protection and intellectual property partner at Addleshaw Goddard, commented: “While there is no shortage of information on cybercrime and cybersecurity in general, we specifically wanted to have a look at the issues from the perspective of solicitors and legal practices.”

With increasing numbers of businesses being affected by frauds and scams, Ms Brown said cybercrime was one of the most important challenges they currently faced.

She added: “Many of the threats to legal firms are no different to other businesses but in the legal world, where keeping client information confidential and client funds secure are paramount, the consequences of not having a robust cybersecurity plan in place can be extremely severe, not only in terms of potential data or financial losses but also to the reputation of the firm."

James Frost, managing director of Quorum, observed: “With the increasingly hostile threat landscape, cyber security is now one of the top priorities for all law firms to ensure their data, finances, and ultimately their reputation are protected. Quorum believes it is important that firms are armed with as many tools as possible to defend themselves and that’s why we chose to support the Law Society’s new guide.”

Sapphire CEO Annabel Berry said: “We wholly support the new cybersecurity guidance. Having specialised in cybersecurity for 21 years, we fully endorse the pragmatic advice which the guide offers and the practical steps recommended for every law firm to take to ensure their data, assets and users are as secure as possible.”