Cybersecurity for law firms
It makes no difference how large or small your firm is, or where you are located. Large trust account balances, exposure to high value transactions (ie conveyancing) and the confidential information contained in your files, are rich sources of potential revenue for cyber criminals and malicious actors. Make sure your practice is resilient and secure.
There are two things we can agree on before you read further:
1. It took a lot of effort to get to where you are now. Obtaining an unrestricted practicing certificate was a long and difficult road, and keeping that certificate requires continued diligence and effort.
2. Cybersecurity is an issue that you have to deal with, but your expertise is the law and finding someone you can trust to provide the right advice is difficult. You attend seminars, read articles, watch the news, it is all cyber doom and gloom, threats here, threats there. The whole thing is overwhelming, what do you actually need, who do you believe, what do you do?
Being “cyber secure” is a continuum. Your firm will sit somewhere between doing absolutely nothing to being so secure that the effective practice of law is now impossible. Your appetite for risk (both known and unknown) will determine where your firm sits on that spectrum.
As the principal of the firm you bear the ultimate responsibility for the security of the confidential information your firm holds.
PRACTICE RESILIENCE®
Our approach is based on the Practice Resilience® methodology, which provides legal practitioners with the Information, Communications and Technology (ICT) security infrastructure to ensure they can continue to practice in the current environment of continual cyber threats.
USE WHAT YOU ALREADY HAVE
Over 90% of all law firms use Microsoft Office and Windows 10/11, our IT, security and compliance services are based on the Microsoft 365 platform, leveraging your existing investment and providing a cohesive platform to work from.
THE LEVEL OF SECURITY YOU NEED
Taking into account the specific requirements of your legal practice, our cybersecurity program ensures you meet all the requirements (where applicable) of:
- The Australian Cyber Security Centre Recommendations
- Best Practice Security Implementation for Microsoft 365
- Recommendations from professional insurance organisations
- Profesional, ethical and practice rule obligations
- Law Council of Australia’s Cyber Precedent Risk Management principles
- Applicable NIST Cybersecurity Framework Recommendations
- Microsoft Azure Baseline Security Recommendations
- Various legal platform requriements (ie PEXA Cyber Security Guidelines)
SPECIFIC PRACTICE REQUIREMENTS
Depending on your practice area and the clients you work with, you may have specific requirements that need to be addressed in addition to the security baseline. As an example, if you work in family law, there are very precise data retention guidelines for information concerning children.
NEXT STEPS
We have developed cybersecurity precedents specifically designed for differnt firm types and practice areas, they encompass the regulatory and technical requirements that your firm, should be meeting. Our precedent begins with the baseline recommendations of the Australian Cyber Security Centre (Strategies to Mitigate Cyber Security Incidents) and enhances protections to address the underlying causes of cyber breach claims made to LawCover and other cyber insurance providers.
By engaging JurisIT you get peace of mind and know that you have done everything that is expected to keep your practice and confidential information safe by meeting current best practice.
While no set of mitigation strategies are guaranteed to protect against all cyber threats the implementation of our security precedent will make it much harder for hackers to compromise your systems.