Wednesday, 23 May 2018
Confidential and highly sensitive client data is at risk of exposure according to the authors of new research on the cyber security practices of lawyers.
Professor Craig Valli, Associate Professor. Mike Johnstone and Ms Rochelle Fleming from Edith Cowan University’s Security Research Institute (ECUSRI) surveyed 122 lawyers on their cyber security practices and revealed a worrying lack of knowledge among the profession.
The research was conducted in partnership with the Law Society of Western Australia. It is part of a wider professional development program between the Law Society and ECUSRI.
The findings revealed:
Associate Professor Johnstone said there were some serious but not insurmountable flaws in the way lawyers were protecting themselves from cyber-attack.
“Lawyers, along with doctors are the two professions which handle most of our confidential information on a day-to-day basis,” he said.
“It’s incredibly important that their cyber security practices are improved to protect their clients and themselves.
“Imagine if a lawyer you’d engaged to draft a will had their email compromised and a cybercriminal gained access to all of the information contained in that will?
“Trials could also be affected if key documents related to arguments are inaccessible due to a ransomware attack like the Wannacry attack in 2017.”
Indeed, one of the largest law firms in the world, DLA Piper, was one of hundreds of businesses hit by the NotPetya attack in 2017. The attack reportedly shut the firm down for a number of days until their systems were restored.
Professor Craig Valli, (ECUSRI) said that cyber security vulnerability is not unique to the legal profession.
“ECU is working with the Law Society of WA to provide professional development opportunities for lawyers aimed at improving their knowledge of cybersecurity,” he said.
“What is powerful is the proactive position the Law Society of Western Australia has taken in understanding this and the speed in which training has been deployed against these insights” said Professor Valli.
The research identified five key areas for immediate improvement:
A Survey of Lawyers’ Cyber Security Practises in Western Australia was presented at the Association of Digital Forensics, Security and Law Conference in San Antonio, Texas.
In 2017 ECU was named as one of just two Academic Centres of Cyber Security Excellence in Australia by the Federal Government.
ECU’s Joondalup Campus is also home to the headquarters of the Cyber Security Cooperative Research Centre, established in April 2018 with $140 million in funding.
Please leave a comment about your rating so we can better understand how we might improve the page.