Security

Pegasus spyware scandal: what lawyers need to know

Back in April 2021 I wrote an article for this newsletter about the Sunburst cyberattack, referencing a blog from Microsoft President Brad Smith in which he warned that mercenary-style technology companies, known as private sector offensive actors (PSOAs), are increasingly selling hacking tools to nation states. He specifically urged the US administration to take action […]

Read More

Bookmarks April 2021

Cybersecurity for Lawyers is a wiki from Neil Brown of internet, tech and telecoms law firm decoded.legal. It’s a primer for lawyers on practical cybersecurity for law firms. Straightforward, no fuss, detailed but easy to follow advice – for example this on passwords. Lawtomated is a collaborative learning resource aimed at lawyer and non-lawyer alike […]

Read More

State sponsored cyberattacks: what lawyers need to know

Sunburst: a moment of reckoning Towards the end of 2020, the National Security Agency (NSA) issued a warning, claiming that “Russian state-sponsored malicious cyber actors” had essentially hacked into a piece of network management software belonging to SolarWinds, which was installed on networks belonging to US government agencies and almost all Fortune 500 companies. Following […]

Read More

Mitigating the risks of cyber attacks from remote working

As lockdown slowly eases, hopefully for the final time, it remains unclear to what extent the changes to the world of work forced on us by the pandemic are here to stay. Although the Government wants to encourage people back into their workplaces, two thirds of employers are planning to retain a significant degree of […]

Read More

Online Safety Bill upcoming

We previously reported on the Online Harms White Paper in 2019, in which the government set out various proposals to reduce illegal and harmful online activity. The government has now published its full response to the consultation process. The government plans to take forward most of its original proposals, in the form of a forthcoming […]

Read More

Why implement https?

HTTPS stands for Hyper Text Transfer Protocol Secure, the secure version of http, the protocol for communicating data between your browser and the websites that you are connected to. https ensures that all such communications are encrypted. Benefits of https For several years now technical experts have highly recommended the use of https instead of […]

Read More

What is encryption?

Encryption is a way of making data secure, so that it can only be accessed by authorised parties. Cryptographic techniques are used to render information unintelligible to any third parties whilst it is being stored on an electronic device such as a laptop or smartphone, or during its transit from sender to recipient over the […]

Read More

Apps and Cyber Crime – avoiding the security hazards of working on the go

Clients are demanding Apps for real-time communications, lawyers need them for remote working. But how do we improve the security of apps in order to prevent any data security breaches? Law firms are prime targets for cyber-attacks due to the amount of money they hold for clients and the sensitive information they control. Clearly, remote […]

Read More

IT security for barristers

Although written for barristers, the recommendations below would broadly apply to any lawyer practising without the support of an IT team. As a practising barrister, your working life is probably busy, hectic and mentally exhausting, and the thought of having to consider the security of your IT equipment is more than likely not one that […]

Read More

10 steps to becoming cyber resilient

Most legal practices have yet to get to grips with the idea of “cyber resilience” but it is a strength that they urgently need to acquire now. Only then can a legal practice develop and deliver new IT-supported service propositions that can add significant value to services for clients, introducers and business partners. The need […]

Read More