The Law Society in Wales has secured Welsh Government funding to offer law firms based in Wales the National Cyber Security Centre approved Cyber Essentials and Cyber Essentials Plus certification to strengthen the cyber security of law firms across Wales.
The Law Society has also announced that Pure Cyber has been appointed as its delivery partner for this project.
Why Cyber Essentials?
Law firms hold sensitive data and manage large financial transactions which make them a lucrative target for cyber criminals. Coupled with the rapid adoption of digital solutions and new legal tech, it the Law Society said that ‘it is essential that firms have the processes and layers of security in place to improve their resilience to the threat of cyber attack’.
How can I improve the cyber security of my firm?
The best way for law firms to mitigate the risks that they face, and their impact, is to take the necessary steps to improve their cyber security posture.
Wrapping your technical controls in governance policies and ensuring that staff at all levels receive cyber security training will eliminate the low-hanging fruit that cybercriminals hope for.
What is Cyber Essentials?
Cyber Essentials is a simple but effective, government backed scheme that will help you to understand how you are able to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.
Cyber-attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked.
Why complete Cyber Essentials?
Quite often organisations are asked to achieve cyber essentials as part of a requirement to an existing or potential contract or for regulatory reasons.
It is also useful as a stop check to ensure the IT team (internal or external) are taking the basic steps to keep your systems secure.
The certification demonstrates to partners, customers, and suppliers that your organisation undertakes the basic requirements of cyber security.
Cyber Essentials Standard or Plus?
There are two levels of certification:
Cyber Essentials Standard
This is a self-assessment online questionnaire that attempts to explore how your organisation protects itself against the most common attack and basic forms of cyber-attack. Undertaking a Cyber Essentials standard assessment will highlight the basic areas that you need to improve upon. Through this project the provision of Cyber Essentials is fully funded for law firms in Wales.
Cyber Essentials Plus
This higher level of assurance requires the completion of Cyber essentials standard first which is then followed by a technical audit that includes tests against your antivirus solution, email protection, default passwords as well as patching (ensuring your computer software is up to date). The provision of Cyber Essentials Plus certification is part funded through the project and available at an affordable rate.
You are required to complete your Cyber Essentials Plus audit within 3 months of your last Cyber Essentials standard certification.
The PureCyber Operations team will work with you to achieve your Cyber Essentials, supporting you through each step of your firm’s application.
Apply for your funded Cyber Essentials on the Law Society website, here.