Essential tools to combat a cyber attack

Cyber Security Toolkit (2nd edition)

 

Peter Wright and Heather Anson

 

£60, Law Society

 

★★★★✩

This book is designed for those engaged in law firm management, but has value and wide application throughout business structures, private practice and in-house. Good governance and best practice are emphasised throughout and are supported by practical policies and checklists.

The authors consider the implications of breaches in the legal, regulatory, financial and reputational aspects of a business. Risks to staff are highlighted, including remote working and phishing emails. Guidance is given for staff training and policies; a useful source for a staff training programme.

The book is well structured with clearly laid out sections: Understanding Cyber Security; Mitigating Cyber Security Risks; and Managing a Cyber Security Breach. The book is designed so that you can dip in.

It is illustrated with current examples, which are very real and topical, highlighting the importance of good cyber security. And as we upgrade our work devices, how does the business dispose of these securely?

This toolkit comes into its own in the checklist sections, suggesting cyber security questions and checks in useful appendices. These checks (to be reviewed periodically) are to augment not replace existing procedures such as file audits.  You will find these appendices very useful.

The book concludes with Managing a Cyber Security Breach, including preparing for and responding to the worst-case scenario – a cyber attack. Reporting and response requirements are clearly laid out – reporting to the Information Commissioner’s Office if personal data is lost or compromised – with up-to-date resources. The Law Society, SRA, National Cyber Security Centre and Action Fraud are signposted, among others.

It will be for each business to decide what policies are appropriate for them.

This book contains the tools to enable you to look at cyber security risks, take well-informed decisions, and to review policies, procedures, technology, relationships with suppliers and staff training.

 

Dr Joan Purvis, chair of the Law Society’s Technology and Law Committee, is an in-house lawyer