Law Society responds to open letter on ransomware

The Law Society response: 

“We share the ICO and NCSC’s concerns about the costs of cybercrime, which is potentially under reported, and welcome the attention both organisations are focusing on addressing gaps in current practice.

“Cybersecurity has never had a higher profile for solicitors, nor has the important role they can play in responding to these risks.

“We support our members with a range of guidance and practice notes on cybersecurity, including on what they should do if they are the victims of scams (and how to avoid them), cloud computing, and the use of legal technologies in members’ practices.

“We also hold regular, well-attended webinars on cyber risks, and host regular blogs and opinion pieces on our website to underscore the importance of best practice.

“We do not advise members to pay ransoms, nor suggest that is what they should advise their clients.

“In promoting cybersecurity to our members, we link to and promote the excellent materials for risk analysis and continuity planning on the NCSC website, and the clearly drafted guidance on data protection law on the ICO site.

“In that vein, we would be happy to publicise the updated ransomware guidance and the ransomware hub highlighted in the ICO and NCSC letter through our various channels and we will ensure that we revise our practice notes and other material for members to reflect this advice.

“The close working relationship between the Law Society, Bar Council and the NCSC in the production of the IT questionnaire for instructing chambers has demonstrated what can be achieved by collaborative working.

“We would welcome the opportunity to meet with the ICO, NCSC and Bar Council to discuss further steps we might take and how we can continue to work together on this critical issue.”

They provide a list of resources, which can be found here.