Sign up for our Newsletter
Keep up to date with the latest IT news, tips and guides from Dragon IS and sign up here:
Barristers’ chambers: Digitalisation and the cybersecurity threat
Cybercrime is one of the top threats faced by organisations today and with the high volumes of sensitive data held by law firms and barristers’ chambers, it is no surprise that attacks on the legal sector are rising.
Such attacks can take many shapes and forms and are increasingly sophisticated in design. The most common being phishing emails, system hacks, denial of service attacks, data breaches and ransomware.
According to the Bar Standards Board (BSB), barristers are just as vulnerable to cyberattacks as solicitors and data security remains an area of particular risk, as the use of technology continues to increase among the Bar and in the courts system.
So, how big is the problem?
The legal sector and cybercrime
- The legal sector is one of the top five sectors reporting data security incidents (ICO)
- 60% of law firms reported suffering a security incident last year (NCSC)
- Despite 82% of the top 100 law firms expressing concerns relating to cyber security, only 27% are confident their firm’s end-to-end services would be recovered following a cyberattack (PwC)
- 46% of data breaches within the legal sector are a result of staff either losing or leaking information (PwC)
- Supply chain compromises have increased by as much as 200% (NCSC)
The security challenge
For barristers’ chambers, there are two key areas that need to be addressed in relation to cybersecurity: prevention and response.
Prevention
This is about taking action to recognise and address any areas of risk, to try and prevent an attack from occurring. It’s about having robust systems and well thought-through processes in place that have security at their heart. Importantly, these systems need to be constantly updated in line with evolving security threats. Team members – being the most common way in for attackers – need to be trained and aware of the risks. Another vital element is having systems that will detect potential threats before they happen.
Response
Making plans for how an attack would be managed, were one to happen, is also important when it comes to mitigating the potential damage that may be caused – including any operational downtime, financial damage or impact on reputation. It’s about defining the risks and devising a plan of action for every possible scenario that is designed to minimise its impact. This should include disaster recovery.
Working with an external IT specialist who can help manage these issues is a popular and cost-effective solution used by many small and medium sized organisations.
It can provide access to a team of experienced professionals, who are proficient and up to date on today’s IT systems and can help you stay ahead of any threats, while also helping to streamline and improve general working practices.
For a full overview of the benefits and how outsourcing IT support works, see: Why outsourcing IT can be a gamechanger for growing businesses
GDPR and barristers’ chambers
As well as cybersecurity risks, and tying closely to such strategies, is the need for chambers to ensure they are processing personal data in a way that is compliant with the General Data Protection Regulation (GDPR). The tough new rules came into force in May 2018 and demand ‘security by design’.
As barristers hold a lot of sensitive personal data, including case notes and court papers, it’s important that consideration is given to:
- How data is stored
- Where data is stored
- How that data is secured
Find out more about how Dragon IS provided robust Data Security and Disaster Recovery solutions for legal chambers The 36 Group here.
Remote access
An additional consideration for barristers is that they need to be able to access data remotely, for example on a tablet or mobile phone when attending court. This means secure mobile access is essential. As well as being secure, accessibility and reliability are of paramount importance.
When using portable devices, data encryption is key and can mitigate against the risk of theft and a potential data breach, by ensuring people cannot then access any data that is stored on them.
Digitalisation of legal services
One of the major challenges facing barristers’ chambers today is digitalisation. While some steps are being taken to embrace the digitalisation of legal services, progress to date has been slow and many within the sector continue to use paper documents and records.
But the world is going digital. For example, banks have long promoted a switch to online and HMRC has taken high profile strides to ‘Make Tax Digital’ (MTD).
The CPS has also undergone a digital transformation, as it looks to modernise and streamline its process. On the criminal side, initiatives such as the Common Platform Programme have given barristers access to a secure server through which confidential documentation can be passed. While the Digital Case System allows parties to upload information and check the status of their case online.
Despite some teething pains, the benefits of such systems are increasingly being recognised by barristers and the judiciary.
What is likely to be a major catalyst for change is the younger generation of barristers now entering the profession. In our experience, they are arriving with more awareness for different devices and how to use them – and importantly, are happier doing so.
Combined with the growing cybersecurity threat and strict new data protection regulations, this all means there is a clear need for barristers’ chambers to ensure systems have been reviewed, are up to scratch and future-proofed, as well as providing the accessibility and reliability that is needed.
Technology-driven developments being embraced by forward-thinking chambers
Those law practitioners who are already making strides in this area, are doing so in a number of key areas:
- Working in the cloud
With the right private cloud solution, each employee of the firm can log into their personalised virtual desktop from any device. All software, files and email, go with each team member, wherever they go, allowing them to work anytime, anywhere. This means never needing to buy or manage servers again. The private cloud is the server and includes all necessary updates, maintenance, repair, backups and other management.
- Artificial intelligence (AI) and machine learning
The benefits of AI are being recognised by barristers. The technology can be useful for all sorts of routine tasks, as well as having the capability to search through vast volumes of data much faster and more efficiently than any individual person ever could. What may have taken legal aides 300,000 hours in the past, may now take just seconds. This increases the efficiency and accuracy of legal document analysis, such as briefs, memoranda, motions and pleadings.
- Automation
Automation is also starting to be adopted by some chambers. The technology presents a number of opportunities, such as for automated billing, administrative and secretarial processes. McKinsey & Company predicts that knowledge work automation will be the most significant disruptive technology to influence the world over the next 10 years. It can be used to modernise service delivery, improve efficiency, ensure compliance and mitigate risk.
The future
Whether your chambers is an early adopter of modern technology, or firmly rooted in old-school processes and behaviours, the future for the legal sector is digital.
While this presents many new and exciting opportunities, it also opens the door to different threats, which need to be managed. Understanding cybersecurity risks and having robust systems in place to mitigate them, is vital and it’s never wise to wait until an incident has occurred before taking action. Prevention will always be better than cure.
Concerned about cybersecurity or digitalisation?
Dragon IS, based in Milton Keynes, is an IT support company and cyber essentials certified supplier. Established over a decade ago, we specialise in working with small and medium sized businesses within the legal, financial and real estate sectors.
For an informal chat about how we may be able to help you, please call our friendly team on 0330 363 0055 or email info@dragon-is.com.