Protect Against Cyber Threats - Cyber Essentials

Make sure this doesn't happen in your law firm

Cyber Essentials Certification


Fill the gaps in your cyber-security to give piece of mind and assurance for you and your clients.

Prevent Expensive, Damaging Cyber Breaches


Get Cyber Essentials Certified to fill gaps in your cyber-security to get peace of mind and assure your clients.

Working towards and achieving Cyber Essentials certification is the clearest way to mitigate against the most common cybersecurity threats, including phishing, hacking and password guessing.


See the 4-steps to achieving accreditation here. 


We can help you put this in place AND help you get more out of your legal IT systems too.


What is "Cyber Essentials"?


This is a Government-backed scheme  that will help your practice - whatever size - to minimise the risks associated with unsecure or unprotected technology.  It will help to prevent your people from making the inevitable human errors that result in cyber breaches that happen very easily and often, as most of us know from experience. 


It identifies the fundamental security controls that your practice should have in place now.  Certification demonstrates to your clients and prospects that you have introduced sound controls to protect them.


Why should you get your systems certified?


  • Up to 80% of cyber-attacks can be prevented by following good practice. 


  • Your clients understand the assurance of a certificate because they need this too.


  • It is NOT expensive.  The certification itself costs just between £300 and £500 depending on the size of your business. 

 

  • The Cyber Essentials framework is the most cost effective way to achieve a basic and solid level of protection.


  • The new Lexcel standard now makes at least a move towards certification a requirement.


  • These controls fit neatly with GDPR, to reinforce how people should work here too.


  • It provides a sound framework to enable you to identify and address current failings.


  • To answer the "cyber security" assurance question when bidding for new business, with many corporate clients now listing Cyber Essentials accreditation as a prerequisite.


  • Some of your competitors have been doing this since 2016.


  • You should be able to reduce your Cyber insurance premiums and to cover "Silent Cyber" events NOT COVERED by PII.


  • Your confidence that your use of IT is safe and secure will help you sleep better.

 

If you don't?


Even before the lockdowns, with people working from home, which increased the risk of breaches - according to a 2019 report on fraud and cyber-crime vulnerabilities in the legal sector, law firms in the UK remain susceptible to cyber attacks.


  • 91% of firms are exposed to having their website addresses spoofed and used to send spam, phishing or otherwise fraudulent emails


  • 81% of firms were running at least one service, such as an email server or webserver, with a well-known vulnerability that could be exploited by hackers


  • 21% of firms had at least one service that was using software which was out of date and no longer supported by the developer, putting them at higher risk of attack and service failure.


Read more here >>

CONTACT Frank Manning for more information and to discuss your specific requirements.

How we help you get Certified?


We do this in 4 stages to take you through Cyber Essentials at your pace, depending on the resources and skills available to you.  We interpret how best to apply the requirements in your practice, giving you easy access to experienced, pragmatic advice and hands-on support all the way.


What you need in place


Achieving a basic level of cyber security is about the legal IT systems and practices that you build into your law firm, ensuring that they are understood and adopted by your people in 5 technical areas to ensure you can do your best to:


  • Secure your Internet connection
  • Secure your devices and software 
  • Control access to your data and services
  • Protect from viruses and other malware 
  • Keep your devices and software up to date


Cyber Essentials certification can be achieved through self-certification if the five technical controls are in place and managed correctly.  We will help you to identify gaps, implement and refine improvements to how you operate now before applying for certification.

  • 1 - Gap Analysis Audit

    We carry out a thorough gap analysis audit of your organisation based on the detail of the 5 Cyber Essentials technical controls.


    An objective, independent review of your business will identify, prioritise and then offer guidance on how best to deal with the key gaps and risks that you will need to address.

  • 2 - Gap Analysis Report & Action Plan

    Our comprehensive report outlining what needs to be done to prepare for certification.


    Our Cyber Essentials Gap Analysis and Report presents you with a clear picture of the areas in your business that need attention; you can then make an informed decision as to whether you will do it yourself, get a little help or get a lot of help!  


    It is important to get this right as any follow up and remedial work will probably involve time and investment.  If your focus is wrong then this will be wasted and you might not end up much closer your goal.

  • 3 - Implement Changes

    Whatever stage you are at (or whatever cybersecurity issues you are facing) we can help you through fairly priced, effective and pragmatic consultancy.  Cybersecurity is long term commitment and cannot be ignored.  It’s a combination of technology and operational practices. 

  • 4 - Complete Certificate Application

    When changes have been made and remedial work carried out we work to submit the certification questionnaire on your behalf and follow up until you are certified.

Share by: