Law firms could be better protecting themselves against cybercrime when it comes to property transactions, according to a report by tmgroup.
The company, which sells systems for managing risk in property transactions, has published its Protect and Survive: Risk and Cyber Security in the Property Sector report after surveying more than 100 IT decision-makers in the legal, property and conveyancing sectors in a bid to identify the steps the industry need to take to protect themselves and their clients.
The report says that, of those surveyed, only 13% of businesses had spent “a lot of time and money” securing their communications.
tmgroup says that property transactions have long been at risk from cybercrime, as illustrated by the “Friday afternoon fraud” case that made headlines earlier this year, after homebuyer Howard Mollett had £67,000 of his lifesavings stolen after cyber criminals intercepted e-mails.
Despite this high-profile case, the report highlights that 58% of law firms said they felt either “not that threatened” (47%) or “not threatened at all” (11%) by the prospect of cyber attacks.
Jon Horton, account director at tmgroup, said: “With so many important and highly-sensitive documents being shared between a solicitor and a client, there is an area of risk. Traditionally, this sharing has been done by an open exchange of e-mail that can be intercepted, or by post, which is also susceptible to theft. Securing your perimeter is important. It is not a case of if it will happen, it’s more of a case of when, so risk mitigation and management is extremely important.
“While a duty of care falls on the solicitor to manage their clients’ expectations when it comes to security, their client may not necessarily be aware of the dangers when it comes to property transactions. Clients need to be made aware that they could be vulnerable to a cyber attack, while law firms should be embracing change and the use of new security technology to reinforce their systems.”
While larger firms appear to be more switched on to the threat of cybercrime, small to medium-sized firms should be looking to take a leaf out of their book to better protect their systems. Firms of all sizes could see significant implications securing personal property transactions when the pending General Data Protection Regulation comes into force in May 2018. The new rules will considerably increase law firms’ obligations and responsibilities to maintain the cyber security of client data.
One way to ensure clients’ data is more robust is to use automated systems that cut the risk of human error at input stage and act as an additional barrier to opportunist cyber criminals. However, only 29% of respondents with more than 500 employees said there was nothing holding them back from automating their processes.
The barriers to automation most often cited were the cost of upgrading systems (29%), concerns about cyber security (19%) and technical challenges (17%), which tmgroup believes are probably the most typical “fear factors” when it comes to implementing any new IT project.
Horton added: “This survey has revealed some concerning trends, most worryingly that some law firms do not appear to consider the possibility that unsecured communications could be undermining their transactions. Conveyancing solicitors need to look at the bigger picture when it comes to protecting their clients and their law firm, considering solutions that not only reduce the risk of human error, but also secure their communications to safeguard their reputation in the commercial and real estate sectors. That way, when a client starts to ask detailed cyber security questions they can be reassured that their financial and personal information will not be jeopardised.”
To send feedback, e-mail jess.harrold@egi.co.uk or tweet @jessharrold or @estatesgazette
