1 / 23

Cybercrime in Law Firms: Protecting Your Business in Today's Digital Landscape

Learn about the risks of cybercrime targeting law firms, behavioral aspects, impacts, email scams, and preventive measures. Join industry experts in a panel discussion on safeguarding legal practices.

hoseam
Download Presentation

Cybercrime in Law Firms: Protecting Your Business in Today's Digital Landscape

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cybercrime: protecting your firm Robert Loughlin, Executive Director, SRA Senior representative, National Cyber Security Centre Dr John Blythe, Cyber psychologist, University College London Dr Debra Malpass, Head of Research, SRA Dee Pang, Chief Information Security Officer, Slaughter and May

  2. Today’s session Introduction to cybercrime • Why cybercrime is a risk • Type of reports received Behaviour aspects of cybercrime • Cybercrime email trial results • Quiz Panel discussion Summary

  3. The solicitors and law firm market Across England and Wales we regulate: 10,400 Firms 185,000 Individuals 750 ABS

  4. Introduction to cybercrime Law firms targeted for money and/or information Attacks can threaten firms operations and/or reputation Widespread within the UK

  5. Cybercrimes and scams Email Modification Hacking CEO Fraud Identity theft Malware

  6. Behavioural aspects of cybercrime What percentage of firms reported having some kind of information security incident in 2017? • 30% • 40% • 50% • 60% • 70%

  7. Results What percentage of firms reported having some kind of information security incident in 2017? • 30% • 40% • 50% • 60% • 70% % % % % %

  8. Behavioural aspects of cybercrime How many reports did the SRA receive regarding cybercrime in 2017? • 157 • 1,570 • 15,700 • 157,000

  9. Results How many reports did the SRA receive regarding cybercrime in 2017? % % % % 157 1,570 15,700 157,000

  10. Impact on the legal market 2018 2017 Jan - Mar Email modification fraud accounted for more than 70% of all cybercrime reports to us 157 £10.7m Email fraud reports to us risen by 25% since 2017 client money reported lost to cybercrime reports to us about cybercrime

  11. Cybercrime Email Trial: Day of the week Key facts • 7,295 firms involved • C2,400 in each group • 6 week trial period

  12. Results Does the timing of the messages affect how firms engage with the communications?

  13. Cybercrime email trial: Subject line Help the SRA! Key facts • 10k firms involved • 3,300 in each group • 3 month trial period – 3 end of month emails Could you be next? You wouldn’t fall for this, but…

  14. Initial results Does the tone of the messages affect how firms engage with the communications?

  15. Behavioural aspects of cybercrime Who do you think should be responsible for cybercrime issues within your organisation? • IT team • Senior Management team • Individual managers • Everyone

  16. Results Who do you think should be responsible for cybercrime issues within your organisation? • IT team • Senior Management team • Individual managers • Everyone % % % %

  17. Behavioural aspects of cybercrime Who is currently responsible for cybercrime issues within your organisation? • IT team • Senior Management team • Individual managers • Everyone

  18. Results Who is currently responsible for cybercrime issues within your organisation? % % % % • IT team • Senior Management team • Individual managers • Everyone

  19. Behavioural aspects of cybercrime What do you think are the most important things that you/your firm can do to address cybercrime? • Raise awareness • Train staff • Implement effective IT systems • Implement better business processes (for example not allowing clients to change their bank details over the phone/email)

  20. Results What do you think are the most important things that you/your firm can do to address cybercrime? • Raise awareness • Train staff • Implement effective IT systems • Implement better business processes (for example not allowing clients to change their bank details over the phone/email) % % % %

  21. Cybercrime Panel discussion • Robert Loughlin, SRA (Chair) • Senior representative, National Cyber Security Centre • John Blythe, Cyber psychologist, University College London • Debra Malpass, SRA • Dee Pang, Slaughter and May

  22. Over to you • Questions? • Comments/observations • Any best practice to share?

  23. Thank you Find out more: Technology and legal services paper IT Security paper Risk Outlook

More Related