Cyber-crime and your obligations – SRA practice note

Quality PI has provided their insight into the SRA practice note that covers cyber-crime and your associated obligations with it.

Attention Law Firms! 

The Solicitors Regulation Authority (SRA) has recently released a practice note giving instruction (and not just guidance) on how it wishes firms to react to cyber-attacks in the wake of the breach of the security protocols of CTS, and its effect on the legal sector.  

It emphasizes the need for law firms to frame their cyber-security in terms of their obligations to clients and the firm, and that any significant breach of the firm’s protection should be reported.

Did you know that:
    • One of the things that cyber-Insurers offer to their customers is an emergency triage service that acts immediately to recover client money if it has been intercepted (if it is not too late)? Professional firms specialize in tracking and recovering funds and work alongside Insurers to do this
    • With Cyber-Insurance, where a firm has to notify the data commissioner of a leak, there is protection in place in the event that the management team are called to account on any regulatory matter?
    • The policy, if purchased, will also assist with the inevitable reputational issues which occur where there is a wider loss of client funds, and where often firms struggle to survive as a result of a loss of confidence?

Policy wordings vary and some Insurers will exclude pre-existing viruses lurking in their systems prior to going on cover, so we would advocate speaking to a knowledgeable broker who can help with the scope of coverage.

Having a cyber-policy in place is crucial for any business.

Not only does it demonstrate to the SRA and the Information Commissioner’s Office (ICO) that cyber-risk is high on your agenda, but it also shows that you are taking the risk seriously.

The financial protection provided by the cover is just the beginning – the services that accompany it offer additional strength to your risk management.

Protect your business and show your commitment to cyber risk management by implementing a robust cyber policy today.

 

Kindly shared by Quality PI