Can your clients trust your cyber strategy?

It is not just clients’ businesses that are vulnerable to cyber-attacks - the legal profession is equally susceptible, a tech security specialist says.

The highly sensitive information that legal companies hold put them in a position of vulnerability, says Howard Nicholls, general manager of tech security firm Network Box.
“If systems were compromised, the personal and confidential nature of leaked customer information would lead to severe and potentially irredeemable damage both to clients and to the legal firm,” Nicholls told NZLawyer.
“If your own cyber protection is not sufficient, how can you reasonably advise your clients on the necessity of cyber protection to secure their intellectual assets?”
The biggest risk of a cyber-attack comes from not knowing your firm’s cyber weaknesses, he said.
He gave six recommendations to firms for becoming more cyber-aware. “These apply regardless of the size of your business.”
  1. Understand your own cyber risk profile. 
Nicholls recommended getting a cyber-assessment carried out. “These can be affordable for SMBs as well as larger companies.

“Assess your company’s capabilities for identifying and dealing with cyber threats and data breaches.

“A good report should inform in a way which is mindful of your legal business context, geography, structure, specialisms etc.”
  1. Identify areas to take action. 
Based on the results of the cyber risk profile, Nicholls recommended prioritising the areas of your firm that most need managed cyber risk.

“A good cyber assessment will suggest action plans that close current gaps in your defences and protect you from threats in the future."
  1. Identify practical solutions to the areas requiring action.
Nicholls advised that firms should develop policies, training and processes to mitigate cyber risk, as well as investing in the technology required to protect their network.

“Ensure the people within your organisation are held accountable and fully aware of their obligations to reducing your risk, from the boardroom to individual network users.

“Every member of your company has a role to play in protecting your systems and information to reduce the risk of a cyber-breach.”
  1. Implement the plan to put in place the identified solution
Nicholls continued:  “But don’t increase your business risk again by delaying,”

The cyber threat landscape is highly dynamic, new threats emerge daily. The sooner you implement new measures, the sooner your risk and associated cost is reduced.”
  1. Review and update. 
Once in place continually review your cyber risk profile and the solution plan, Nicholls advised.
“In summary - get aware, get protected.  Build your firm’s reputation as a good cyber citizen,” Nicholls said.

Recent articles & video

Chapman Tripp, DLA Piper confirm roles in SolarZero/NZGIF financing structure deal

Supreme Court refuses appeal in joint venture misrepresentation case

Legal changemaker shares insight on how to be a great lawyer and influence the profession for the be

Bill bolstering parental leave benefits passes first reading

Third annual Service Provider Awards now open for entries

Ex-EY global vice chair announced as new global CEO at Dentons

Most Read Articles

The most influential members of NZ’s legal profession for 2024 revealed

Lane Neave welcomes additions to senior ranks

New senior associates called up in MinterEllisonRuddWatts promotions

High Court reduces sentences in animal neglect case against horse owner