By and -

Snapshot

  • Cyber security is an essential part of legal practice management.
  • In a 2022 Federal Court case, the court made it clear that regulators consider inadequate cyber security as a regulatory issue.
  • Earlier this year, the Legal Services Board and Commissioner of Victoria published Minimum Cybersecurity Expectations for Victorian legal practitioners. Some unacceptable cybersecurity practices could constitute unsatisfactory professional conduct or professional misconduct.
  • Lawcover and the Law Society of NSW have also provided guidance on identifying and preventing cyber fraud with online resources.

Law firms regularly handle substantial funds and sensitive information. This makes them attractive targets for cyber criminals who engage in social engineering, ‘man-in-the-middle’ cybercrimes or seek ransoms to prevent the release of confidential information. Major firms DLA Piper, Allen & Overy and HWL Ebsworth have all been the subject of well publicised cyber attacks targeting operations and data.

However, smaller firms are not immune to cyber attacks and are particularly at risk of impersonation fraud and business email compromise. In the case of small firms, the target is usually funds transfers, but compromises can also lead to breaches of the Privacy Act 1988 (Cth) and loss of confidential data. The prevalence of these types of attacks makes cyber security an essential part of legal practice management.

You've reached the end of this article preview

There's more to read! Subscribe to LSJ today to access the rest of our updates, articles and multimedia content.

Subscribe to LSJ

Already an LSJ subscriber or Law Society member? Sign in to read the rest of the article.

Sign in to read more