25 May 2018

Lawyers show 'worrying lack' of cybersecurity knowledge

Australia needs to move forward

Warning signs as research shows clients at risk due to Australian lawyers' lack of cybersecurity knowledge.

New research in Australia shows that highly sensitive and confidential client data is at risk of exposure as lawyers are not adequately aware of cybersecurity measures and practices.

Clients at risk
A survey of 122 lawyers, conducted jointly by the Edith Cowan University’s Security Research Unit and Law Society of Western Australia, has revealed a ‘worrying lack of knowledge’ among the legal profession when it comes to protecting client information online. The survey revealed that only 9.4 per cent of lawyers use encryption to protect client data, 94 per cent use email to send confidential data, and 53 per cent forward work-related emails to non-business email addresses, such as Gmail or Hotmail. Other results included findings that 11 per cent of lawyers don’t have anti-virus protection on their work computers, 41 per cent don’t have automatic updates installed for their work computers, 64 per cent use home or free public Wi-Fi, and 41 per cent are unaware of what cybersecurity measures are in place on their smartphones.

Ways to improve
The reports researchers identified a number of ways for lawyers to improve their cyber practices: turning on automatic software updates on all devices, utilising cybersecurity countermeasures on computers and smartphones, encrypting sensitive client data, limiting use of third-party email services, and reporting cyberattacks to government initiatives such as the Australian CyberCrime online Reporting Network.