Research by the British Chambers of Commerce and IT company, Cisco, found that more than half of the 1,000 UK firms surveyed believe that their IT systems have been left more exposed to cyber-attacks since the huge increase in people working from home during the pandemic.

Cyber attack victims

The survey, which covered companies from all sectors and of all sizes, also found that one in 10 firms said they had been the victim of a cyber-attack in the last year, rising to more than one in seven for larger firms.

Yet despite this, four out of five firms said they did not currently have accredited cyber-security measures in place to protect against attacks.

This is not the only worrying statistic either; last year, Access Legal produced a report which found that 43 percent of 3,500 law firms hadn’t updated their cyber security policies to include remote working.

Changes to remote working

As so many companies have shifted to a remote or hybrid working, IT departments and companies have also had to change how they manage their software and security and what their top priorities are. According to the Office of National Statistics, in February this year more than 8 in 10 workers planned to hybrid work. Since then, the proportion of workers hybrid working has risen from 13 percent in early February 2022 to 24 percent in May 2022. The percentage working exclusively from home has fallen from 22 percent to 14 percent in the same period.

With this new working model, there is more opportunity than ever for cybercriminals to not only disrupt and damage companies but to access money and sensitive data. According to the Solicitor’s Regulation Authority, in the first two months of the first national lockdown there was a 337 percent rise in phishing scams.

This rise in attacks made legal firms as well as other companies more dependent than ever on cyber-security, as they were more dependant than ever on the technology needed to do their jobs and the Solicitor’s Regulation Authority had also reported that one firm lost around £150,000 worth of billable hours after an attack.

However, cyber-attacks don’t just cost in billable hours and other financial losses, but they also cost firms in lost time, higher insurance premiums as well as reputational and relationship damage.

According to Solicitors Regulation Authority’s thematic review the cost of mitigating cyber threats is however much lower than the losses of a successful attack.

Why you need an IT security policy

Having an IT security policy in place is essential today, especially due to the tech that firms and solicitors now rely on such as home Wi-Fi, personal devices webcams, cameras, and software such as Zoom and Teams for communicating. Security policies are put in place to help protect both physical and digital assets. They also identify those assets and any threats to them. In turn, they also help to ensure legal compliance with security requirements. So, if you don’t have such a policy in place, you run the risk of not staying up to date with legislative changes.

Security policies incorporate certain non-negotiable parts, but otherwise consist of collaborative agreements. This means every security policy is, to some extent, unique and tailored towards the needs of the individual business.

Need more help?

To discover more ways that we can help your business become as secure as it should be, get in touch with Compex IT today.