Snapshot
- Cyber risk is a growing area of professional risk for lawyers.
- Deception of individuals is a key component of many successful cyber attacks.
- Cyber resilience depends on increased awareness and behavioural change combined with appropriate technical responses
Lawyers are increasingly aware of the risk of receiving fake emails and are acting on advice to use another method to verify instructions received by email, particularly where funds transfers are involved. While this measure is vital for reducing email-enabled fraud, the risks of cybercrime impacting lawyers extend well beyond this type of email scam.
Lloyds Australia has described cyber risk as the second greatest risk to Australia’s annual economic output (Insurance Business Australia, June 2018). Law societies and legal professional indemnity insurers throughout Australia have reported increases in cyber security breaches, with potential implications for lawyers ranging from professional negligence and breach of trust claims, to business losses, reputation damage, official investigation and disciplinary action.
SMEs often have less awareness of and ability to respond to cyber attacks than large organisations. Small law practices, which hold sensitive information and act on high value matters such as property purchases, can be targeted.