Law practices may be at particular risk of cyber attacks because of the large amounts of data they hold, so the Law Society of Scotland has produced a new guide for solicitors on how to protect themselves.

The society’s Guide to Cybersecurity sets out threats to consider, the potential impact of a cybersecurity breach and what solicitors can do to reduce the likelihood of a successful attack on their business.

The guide also highlights the need for a well thought out response and disaster recovery plan in the event of a cyber attack being successful.

The most severe breaches can cost small to medium-sized businesses more than £300,000 and from next year could also incur significant fines under the new EU General Data Protection Regulation (GDPR) that comes into force in May 2018.

Helena Brown, vice-convener of the Law Society of Scotland’s Technology Law and Practice Committee and data protection and intellectual property partner at Addleshaw Goddard, said: “Cyber crime poses one of the most important challenges to business, with increasing numbers affected by frauds and scams.

“Many of the threats to legal firms are no different to other businesses, but in the legal world, where keeping client information confidential and client funds secure are paramount, the consequences of not having a robust cyber security plan in place can be extremely severe, not only in terms of potential data or financial losses, but also to the reputation of the firm.

“While there is no shortage of information on cyber crime and cyber security in general, we specifically wanted to have a look at the issues from the perspective of solicitors and legal practices.

“The Society’s guide has been designed to help solicitors and their staff team understand and defend against cyber threats. It provides simple tips that could help safeguard information and protect against reputational damage.”

The guide is available as a PDF and on the Law Society of Scotland website and a copy will be sent to all law firms in Scotland.

This article is sponsored by:

GDPR certified

Show your customers that you care about their privacy! European Center for GDPR Certification is the “Consumer Trust Body” of the General Data Protection Regulation. Visit to read about how to add “GDPR TRUST SEAL”™ to your website in order to gain more business and distance you from the not so serious businesses – It Pays Off!