In light of the news that cyber thieves stole £11m of client money in a year, please find a comment from Adam Maskatiya, General Manager, UK & Ireland at Kasperksy Lab.
Adam Maskatiya, General Manager, UK & Ireland at Kasperksy Lab:
“Lawyers’ and solicitors’ firms hold high volumes of sensitive information, so it is clear to see why they are tempting targets for cyber-criminals. Protecting against cyber-attack attempts from these threat actors comes down to having a security strategy that covers every angle. This is especially vital in the light of new data laws: for any business holding EU citizen data, the GDPR’s requirement for a ‘secure by design’ approach to systems and processes is making cybersecurity a strategic necessity; something that must be built in to all business operations that touch or deal with personal data. Law firms must apply cybersecurity solutions to minimise unauthorised access to information. To do this, they should put themselves in the place of the attacker, determine the points of potential vulnerability and then apply a multi-layered defence strategy.
Employee education is also key to defending against cyber-attacks: further than just telling workers what they should and should not do when it comes to using technology, law firms must help their staff identify vulnerabilities that could occur during everyday scenarios – such as opening suspicious-looking emails that could put the company at risk, and fostering a security mindset that staff should apply to every situation and daily activity.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.