Law firms urged to improve cybersecurity ahead of GDPR

A new study suggests that cybercrime is growing increasingly common in the legal sector, with one in five law firms claiming to have experienced at least one cyber-attack within the last month.

The research, which comes from telecoms company CenturyLink, suggests that solicitors and law firms need to invest more time and money in improving their cyber security.

This is particularly important ahead of the upcoming General Data Protection Regulation (GDPR) – which is due to come into effect in May 2018, and will bring with it tough penalties and sanctions for law firms that fail to adequately protect client data.

CenturyLink’s study of the legal sector found that three in four law firms are still “unprepared” for the GDPR.

It also found that around a third of IT directors working in-house at law firms are not fully confident that their employer is fully compliant with cyber-security legislation.

Once the GDPR takes effect, companies of all shapes and sizes – and not just law firms – will be expected to take appropriate measures to keep their clients’ data safe.

This may include installing new software or upgrading existing systems to prevent cyber-attacks, both externally and within the firm itself.

Companies who breach the rules set out by the GDPR can potentially incur huge fines, several times that of what they would be currently issued under the Data Protection Act.

Law firms and solicitors can also face possible sanctions at the hands of the Solicitors Regulation Authority (SRA), should they not meet existing data protection requirements, it has been warned.