Fighting an unseen enemy
8 Nov 16
Solicitors need more advice and guidance against the threat from cyber criminals
There is no escaping the drive to digitise. As a profession we have known that for long enough, and by and large have got to grips with devices and systems that do, after all, improve our efficiency in carrying out client work (or in some cases have to be used anyway).
But many of us would, I think, equally admit to not making the most of what we have available to us, perhaps due to a lack of full instruction; and equally it is likely that we are not up to speed with the threats posed by malevolent outsiders looking to exploit our limitations, or with the most effective countermeasures.
Such would be a proper conclusion to draw, both from the Society’s first technology survey report of the profession, and from last month’s Technology and Cybercrime Conference with which its publication coincided.
These conferences can be a bit of a mixed bag. It is very easy for those who spend their lives in IT to start talking in ways that leave others quite out of their depth. Or sometimes they simply fail to relate the relevance of their topic sufficiently to day-to-day legal practice.
Hats off, then, to the speaker who, as I report on p 24, began his presentation by recounting how he was able to access various solicitor firms’ office systems with nothing more than a smartphone and a speculative enquiry to the firms whose networks he was able to detect with it. Truly we are our own worst enemies sometimes; but that only goes to show the gaps in the knowledge and understanding of some in the profession, or their employees, who would otherwise count themselves diligent about client confidentiality.
The same speaker noted that while the practice rules charge solicitors with upholding this duty, and ensuring that employees do likewise, and the Data Protection Act also contains a clear statement about ensuring the security of personal data held, with severe penalties for breach, little guidance is available to help solicitors put this into practice.
On this front the Society was urged to do more to help. In response we were told that work is indeed in hand, though we await further detail. It is to be hoped that the outcome will not be too long delayed. We regularly hear of the threats posed by email fraudsters to conveyancing transactions and the money involved, with quite specific advice on precautions to take. From what we heard at the conference, practitioners need some more general support, in both their own and the public’s interest.