Insight: Managing Risk From The Top Down

In this short blog series, Lawyer Checker’s Jennifer Williams outlines the importance of having a positive cyber culture in your work environment.

"Do as I say, not as I do"

How many of us would hear this from our parents growing up? Challenging behaviours we knew to be inappropriate because that’s what we’d been told or seen. But they were allowed to get away with it because they were our parents, or more ‘senior’, or more ‘experienced’.

And yet there was always a sense of injustice; why is it ok for them but not for me?

In any culture the attitude and action of those at the top of the pile pervades and influences those below, whether they want it to or not.

The same principle applies when it comes keeping your business cyber secure. If the leader of the organisation isn’t interested, then why should the team below be vigilant. This type of culture is something that cyber criminals want to exploit, and some have done to great success. 

 When it comes to cyber security there are 2 key competency considerations to reducing risk.

Technical Competencies

Technical Competencies are the sorts of control measures that are implemented by IT technicians. Ensuring that all your networks, routers, equipment, storage, internet (including WIFI), are secure and password protected are one of the things you can do to reduce your risk.

Cultural Competencies

Creating a working environment in which staff are trained and alert to risks. This will include social engineering, phishing, hacking attacks to name a few, and encouraging the team to report anything they think is suspicious or that they’re concerned about to the correct person in the organisation.

Cyber security is most effective when both the technical and cultural competencies work together to provide as safe a working environment as possible. Effectively slamming the door shut on potential criminals hoping to exploit the firm’s cyber weaknesses.

With 60% of law firms affected by a cyber security incident in 2018 the risk is very real. The sort of data law firms hold is valuable to criminals, not to mention the sums of money involved when it comes to transferring funds as part of property, probate and PI matters.

It is critical then that any cyber risk strategy is adopted from the top down and the leaders take a “practice what you preach” attitude to adoption.

Find out what law firm leaders and partners need to know about protecting your law firms by watching our webinar here. 

Lawyer Checker (Part of The Practical Vision Network) provide a range of products and services for law firms to help them combat cyber fraud. Request more information about our award winning Lawyer Checker conveyancing fraud toolkit, and becoming Cyber Essentials accredited from as little as £350 plus VAT.