Cyber crime is big news at the moment and not just for law firms. The recent high profile attack on the NHS provides yet another example of why all businesses must be alert to the dangers of Cyber Crime.
Beeston Shenton Solicitors take cyber security very seriously and have implemented a strategic and practical action plan to mitigate risks posed by the threat.
In putting cyber crime and management of cybercrime high on our agenda we are committed to an ongoing and rigorous scrutiny of practices and systems to effectively manage and reduce risks. Just a few of the practical steps we have taken are listed below and demonstrate that management of cyber crime is inextricably woven into our daily working lives.
How Are Beeston Shenton Managing Cyber Crime?
- Reading guidance notes from relevant sources such as the Law Society and SRA provides practical guidance for our team on what to do in case of a threat or attack and helps inform our disaster recovery planning, policy updating and staff training schedule.
- The firms Disaster Recovery Plan incorporates a plan of action in case of a cyber attack along with an incident response plan so that should the firm fall foul of a cyber security threat everyone has access to a structured plan of action with clear accountabilities.
- Along with the Disaster Recovery Plan a review of all security policies to ensure a proactive approach to cyber crime is essential as well as having a dedicated policy addressing cyber crime.
- Ensuring that staff are trained and made aware of the risks and how these may arise in real situations (on a day to day basis) is key, as our team members take the calls and handle the emails that may contain threats. Being trained and on alert to cyber crime means our team are aware and know what to do in case of threat or risk.
- Communication with employees is crucial so that all are clearly aware of the risks and their roles in managing them. Because the firm as a whole is at risk, ensuring that staff are up to date and alert to the very real threats is essential. Training and regular items on meeting agenda’s to address cyber security can help raise staff awareness; as can communicating with them when any threats arise or specific actions plans are discussed. Cyber crime can affect everyone no matter what their role in the firm so ensure everyone is included in your management and mitigation plans.
- Review of terms and conditions and other client related paperwork including electronic communications and implementation of initiatives to manage cyber crime risks such as amended footers on emails assists in the effective management of communications with relevant parties.
- Discussion with clients of what is needed from, and expected of them, in terms of managing cyber security can be held at meetings or on calls and helps protect client as well as firm interests.
- Make sure your internet, email and network systems are secure giving special consideration to accounts departments and where it may be appropriate to have differentiation of systems to reduce risks i.e. separate PC’s for banking with no email facility or separate fax lines for completion statements . Ensure all Virus/SPAM filters are up to date and working as effectively as possible and address any concerns in this area as a matter of urgency.
These are just a few of the actions that Beeston Shenton Solicitors are taking to manage cyber security within the firm. We hope that our management in this area will substantially help to protect our clients as well as our firm.