Stratia Consulting specialise in Information Assurance and Risk Management.

We have years of experience in providing information assurance and information risk management services to all kinds of businesses. It does not matter whether you run a small start-up company or a large corporation, we will ensure your assets are protected and maintained efficiently. Our aim is to find the best form of protection for your business and provide you with the means to manage risks effectively in order to minimise financial costs and prevent damage to your reputation.

Legal

Cyber Security within the Legal Sector

The Solicitors Regulation Authority has highlighted security as one of its priority risk areas. Managing the risk posed by cybercrime is a regulatory requirement. Not only are legal firms required to comply with professional and legal standards, but new legislation from the EU promises a radical tightening in data protection standards.

In 2015 the Information Commissioner’s Office fined the CPS and the Serious Fraud Office £200,000 and £180,000 respectively for breaches, and it has stated that the legal sector was the fourth worst of all sectors.

In 2014 UK law firms were investigated 187 times by the ICO for possible breaches of the Data Protection Act. The ICO revealed that 29% of the cases were caused by unspecified security events, with a further 26% connected to some form of data disclosure.

The legal sector remains a hot target for the full spectrum of threat actors: cyber-criminals, hacktivists and state-sponsored groups. This is largely due to the wealth of sensitive data held within the industry, which includes patent data, merger and acquisition information, protected witness information and negotiation information. The scope is vast and not limited to the above list. Legal firms are equivalent to a pot of gold for any of these groups.

There is also a rapidly growing number of scams targeted at businesses, especially legal firms, that aim to defraud them or to blackmail them through ‘ransomware’, and these scams are becoming harder to spot and prevent. Cyber security risks are a hot topic in the area of law firm compliance right now, and rightly so. A quarter of law firms have reported being the victim of a cyber attack, of which nearly one in ten results in money being stolen.

NCSC Legal Sector guidance

Download PDF: NCSC Legal Sector guidance

We have the following capabilities:

  • Cyber Security Consultants, including NCSC Certified Cyber Security Consultancy Head Consultants (CCSC consultants)
  • NCSC-certified and commercially certified security architects to help design security into your systems from the beginning, ensuring that requirements are understood and met
  • ISO27001 Certified Lead Implementers and Auditors
  • GDPR privacy impact assessments carried out by Certified GDPR Practitioners
  • IT compliance checkers and penetration testers to provide assurance in the design and operational security of your systems
  • Operational Security Management
  • Cyber Security Incident Response

Contact us below to discuss your requirements

Legal Sector Follow Up

Please use the form below to let us know how we can help your organisation within the Legal Sector achieve its information and cyber security goals.