Cyber security week at Cripps
The number and variety of cyber security attacks in the legal industry has increased significantly in recent years. With the potential financial rewards high, hackers will go to great lengths to steal business and client data. To highlight the importance of cyber security within the firm, in mid-July we hosted a full week of activities and events.
Our CIO Jo Owen launched the initiative to the firm explaining ‘it has never been more important (especially over the past year where working from home has been more prevalent), to remind ourselves of the threats that face our business. As a law firm, we are a clear target for cyber criminals due to the nature of our work and the data which we hold. It is essential that we continue to educate our staff of these risks and the measures we have in place to protect us all’.
The week was crammed full of activities designed to raise awareness and educate staff. These included a presentation from Rob Shapland (Head of Cyber Innovation and ethical hacker from Falanx), who joined us in our Tunbridge Wells and London offices to share his knowledge on key cyber security topics, including home working, social engineering, email phishing and passwords. He shared insightful (and somewhat scary!) examples of cyber-attacks and his company’s experience of hacking into clients IT systems. Kathryn Rogers, Head of our Commercial team, chaired a panel debate with our DISCO (Data & Information Security Compliance Officer), and ICT Team on data protection, GDPR, and keeping clients data safe. Our ICT and Risk & Compliance teams held Q&A sessions throughout the week to build knowledge and understanding of our systems and processes, share useful advice on best practices, and proactive measures to secure our systems, networks and data.
Guidance was shared on best practice around deciding and remembering passwords, home and personal security (including the use of social media and home set ups), as well as other important topics, such as keeping children safe whilst online, the psychology behind hackers and information security within the legal sector. The firm has subsequently made a number of changes with a view to improve our peoples experience of using technology, whilst improving security standards in line with ISO27001.
Feedback from staff across the firm was extremely positive. Head of Legal Support, Nic Paffard said “it is incredibly important to remind us of the threats we face on a continuous basis, and how much infrastructure, processes, training and tools are available to safeguard not only our data, but our reputation. Well done team for creating such an informed week”.
Mandatory training has also been provided to staff across the firm to ensure we cohere to our ICO obligations, but also to provide a reminder of everything we have learnt during the week. Given the increasing threats to data security, we remain committed to ensuring that our staff are aware of the potential risks.