Skip to content
Go back

Article Tags:

Please choose from the following:

The case for the defence - law firms should no longer delay investment in cybersecurity

CCTV 500 website

Last week's reports that at least one major international law firm has fallen victim to a data security breach underline, once more, that the case for IT security investment has never been stronger.

In total, 48 elite law firms are believed to have been targeted by a Russian cyber criminal with one New York and London-based company, Cravath Swaine & Moore, admitting its systems had been compromised last summer.

Lax internal controls and vulnerabilities around storing data in multiple locations and devices have made law firms an obvious target for hackers intent on accessing sensitive financial information.

Despite the warning signs many UK businesses appear reluctant to safeguard their own future and that of their clients, by purchasing the equipment and technology they need to neutralise the threat of damaging attacks.

Cyber criminals can cause substantial losses to law firms, ranging from £50,000 to £2 million, by exploiting a treasure trove of data from credit card details to social security numbers.

While the average cost of a breach can put a huge strain on a business, it is arguably the loss to reputation which many legal companies may never recover from.

The stakes are getting higher.

According to research by PwC, the number of law firms reporting they had suffered from a security incident rose to 62% in 2015, up from 45% in 2014. Worryingly, a recent survey by security specialist IS Decisions has revealed that 69% of employees in the UK legal sector did not receive IT security training when they first joined their organisation. While more than half (55%) stated their organisation does not provide any security training at all.

Many law firms have historically perceived data security to be a cost with little benefit. As a result investment in modern IT infrastructure, cloud-based solutions and secure third-party data storage facilities are often unbudgeted and can appear like an unnecessary insurance.

With cyber security threats becoming more frequent and sophisticated, this mindset could finally be about to change with firms viewing IT security as like any other essential day-to-day business cost.

An ounce of prevention is worth more than a million pounds of cure. Leading commercial finance providers, such as Wesleyan Bank, can offer payment over time solutions to enable legal firms to quickly and affordably invest in preventative measures to mitigate the risk of cybercrime.

Tailored financial products can help fund the purchase of emerging technologies, such as modern encryption software, support and maintenance to guard against malware and phishing attempts.

Unsecured business loans extend to enabling businesses to invest in ongoing security awareness training and 'health check' audits from external IT consultants who can assess a firm's network security processes and flag susceptibilities to minimise potential vulnerabilities.

Additionally specialist business solution providers, including Wesleyan's General Insurance division, offer cyber insurance covering loss in the event of a data breach. Premiums for these insurances can also be paid over time using finance.

Cyber attacks are growing and now arguably represent an even greater threat to law firms than ever before. Commercial finance solutions enable the purchase of essential security technology and other intangible assets over a set period of time to ensure better cash flow management.

And while no company may ever be 100% secure, at least law firms can demonstrate they are doing everything they can to protect and maintain the trust of their clients, while remaining compliant with evolving data protection regulations.

'WESLEYAN’ is a trading name of the Wesleyan Group of companies.

Wesleyan Assurance Society and Wesleyan Bank Ltd are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Wesleyan Financial Services Ltd, Wesleyan Unit Trust Managers Ltd, Practice Plan Ltd and DPAS Ltd are authorised and regulated by the Financial Conduct Authority.  Advice about investments, insurance and mortgages is provided by Wesleyan Financial Services Ltd.

Click for more information about the Wesleyan group of companies.

© 2021 Wesleyan Assurance Society