CYBER RISKS: practices urged to be proactive on security


Cyber risks - including data loss and hacking - are likely to trigger a surge in litigation against law firms, insurance broker Aon has warned.



Tom Sheffield, technical director at Aon, told the Gazette more law firms face being sued by clients if they lose or accidentally leak electronically-stored data - particularly if the breach has a detrimental effect on the outcome of a case or deal.



He said: 'Some of the most sensitive data is held by law firms... including privileged information... We expect that litigation is going to increase against lawyers for failure to protect data.



'Even if it is relatively minor [the leak], it can be big for lawyers because we're then talking breach of confidentiality.'



Sheffield also warned that hackers will always be ahead of the game, so firms will always be 'reacting to changing cyber risk', which he described as 'a bit frightening'.



Firms should have procedures in place to limit any damage from leaks or hackers, such as closing down systems as soon as there is any evidence of hacking, he said.



Graham Cluley, senior technical consultant at computer security firm Sophos, agreed that more litigation was possible and warned that small firms without a dedicated IT team might face greater risks.



He added: 'Big companies have had information about customers stolen... at the very simplest level you need anti-virus software, security patches and firewalls.'



Cluley said firms should ensure any confidential data held on laptops is encrypted so if they are lost, or accessed without permission, a criminal would not be able to use any information stored on them.



Anita Rice