Can your clients trust your cyber strategy?

It is not just clients’ businesses that are vulnerable to cyber-attacks - the legal profession is equally susceptible, a tech security specialist says.

Can your clients trust your cyber strategy?
The highly sensitive information that legal companies hold put them in a position of vulnerability, says Howard Nicholls, general manager of tech security firm Network Box.
“If systems were compromised, the personal and confidential nature of leaked customer information would lead to severe and potentially irredeemable damage both to clients and to the legal firm,” Nicholls told NZLawyer.
“If your own cyber protection is not sufficient, how can you reasonably advise your clients on the necessity of cyber protection to secure their intellectual assets?”
The biggest risk of a cyber-attack comes from not knowing your firm’s cyber weaknesses, he said.
He gave six recommendations to firms for becoming more cyber-aware. “These apply regardless of the size of your business.”
  1. Understand your own cyber risk profile. 
Nicholls recommended getting a cyber-assessment carried out. “These can be affordable for SMBs as well as larger companies.

“Assess your company’s capabilities for identifying and dealing with cyber threats and data breaches.

“A good report should inform in a way which is mindful of your legal business context, geography, structure, specialisms etc.”
  1. Identify areas to take action. 
Based on the results of the cyber risk profile, Nicholls recommended prioritising the areas of your firm that most need managed cyber risk.

“A good cyber assessment will suggest action plans that close current gaps in your defences and protect you from threats in the future."
  1. Identify practical solutions to the areas requiring action.
Nicholls advised that firms should develop policies, training and processes to mitigate cyber risk, as well as investing in the technology required to protect their network.

“Ensure the people within your organisation are held accountable and fully aware of their obligations to reducing your risk, from the boardroom to individual network users.

“Every member of your company has a role to play in protecting your systems and information to reduce the risk of a cyber-breach.”
  1. Implement the plan to put in place the identified solution
Nicholls continued:  “But don’t increase your business risk again by delaying,”

The cyber threat landscape is highly dynamic, new threats emerge daily. The sooner you implement new measures, the sooner your risk and associated cost is reduced.”
  1. Review and update. 
Once in place continually review your cyber risk profile and the solution plan, Nicholls advised.
“In summary - get aware, get protected.  Build your firm’s reputation as a good cyber citizen,” Nicholls said.

Free newsletter

Subscribe to our FREE newsletter service and we’ll keep you up-to-date with the latest breaking news, cutting edge opinion, and expert analysis affecting both your business and the industry as whole.

Please enter your email address below and click on Sign Up for daily newsletters from NZ Lawyer.

Recent articles & video

Wynn Williams consultant is ‘a lawyer by trade but a historian by passion’

Final week to nominate an outstanding woman leader

Russell McVeagh backs Auckland Airport in new vaccination campaign

Withers captures Bird & Bird partner for Hong Kong practice

Russell McVeagh advises on world’s first shipping loan to receive CBI certification

2021 In-house Legal Summit looks into risk management for in-house lawyers

Most Read Articles

High Court gives Southern Response go signal for direct claims settlement

Who are the women trailblazers in the New Zealand legal profession?

Russell McVeagh advises on world’s first shipping loan to receive CBI certification

HGM partner scores Emerging Director Award from Institute of Directors