Whilst out of the office for the day at Manchester Law Society’s Management Conference last week, a theme that caught my attention was the risk of cyber crime to law firms. Law firms are a prime target for cyber criminals due to the high value transactions and sensitive information they hold. Cyber attacks on law firms have increased by 60% in the last 2 years alone and there are 4,000 cyber-attacks every single day. That’s 170 cyber attacks every hour. Scary right?

We all understand the risk of cyber crime and acknowledge it exists but there is still a culture of  ‘but it won’t happen to us’. But what if it does? And what additional measures can you put in place to protect your firm?

The National Cyber Security Centre released data that the average cost of an attack to a business is £4,200 for small businesses and this raises to £19,400 for medium and large firms, with 31% of businesses estimating they are attacked once a week it really is crucial, we are taking steps to reduce risk.

Jonathan Ashley from Eti-Cloud gave some great tips in his talk on Cyber Security which law firms can actively use to reduce the risk of cyber-crime. His five top tips below can help firms to ensure they are doing the right things to protect their firm against the increasing risk of cyber-crime.

Email and web filtering

Email and web filtering helps to categorize incoming emails, segregating spam emails, viruses etc so only safe emails from familiar email addresses can enter your inbox. There is also options to review emails that get ‘quarantined’ by this block, meaning staff can check the safety of an email before it can be ‘let in’ to their inbox. Web filtering works in a similar way keeping your network safe from malware and web-borne threats, helping to protect your data and the reputation of your firm.

Have a security policy

Having a security policy that everyone is aware of and adheres to is vital in protecting your firm. Security policies are important to protect a firms assets and identifying potential threats to those assets and what measures you as a firm take to prevent potential threats. Make sure your policy is visible and everyone in the business understands their role to play in upholding the policy to reduce threats to the firm and clients.

Conduct staff training

Reducing the risk of cyber security is not just your COLP/COFA’s job. Everyone in the business has a role to play in reducing risk and knowing what to look out for in the unfortunate event of an attack. Data breaches cost UK organisations an average of £6.4 million and investing in security awareness training reduces the risk of phishing attacks by around 50%. Conducting staff training increases awareness helping to protect the firm’s data, systems and networks from malicious attacks and threats. Training helps everyone in the firm understand the importance of cyber security and teaches staff how to identify potential threats and most importantly, how to respond.

Move away from email!

83% of cyber-attacks are phishing attempts, criminals replicating emails enticing your employees or clients to click fraudulent links or transfer money to fraudsters, and this is not as uncommon as you may think. We’ve all heard the horror stories. A lot of firms are now moving away from email communications to help reduce risk further, portal based communications can be a safer alternative,  especially for client facing departments.


Adding two-factor authentication to your systems protects fraudsters from getting in as you must enter a one-time password each time you log in. There are a variety of authenticator apps that you can use to help protect your firm. Adding that extra level of security on a day-to-day basis will go a long way in reducing the risk to your firm and your clients.

At Cashroom, we know how important risk reduction is for firms. We have created a unique and secure client portal which not only removes the insecurities of email communication but increases efficiency and ensures compliance for firms. Our portal has integrations to leading practice management systems, provides a clear audit trail and our streamlined and automated workflows ensure you can maximise efficiency whilst reducing risk to your firm and clients.

Eti Cloud provide data security and cloud solutions to help protect your firm. To find out more email info@everythingthatis.cloud

About Cashroom

Cashroom provides expert outsourced accounting services for Law Firms including Legal Cashiering, Management Accounts and Payroll services. Our mission is to free lawyers from the complexities of legal accounting by supporting the industry with accurate management information and allowing lawyers to do what they do best – practice law.

Book a demo

We’ve been with Cashroom for quite a few years now, and I would never go back. In any business, and particularly in times of uncertainty, it’s important to control your costs, and that’s exactly what you help me do.

Sharon Needle
Sharon Needle
Managing Partner, Needle Partners
Sign Up to our Monthly Newsletter