Discover how LCF Law Limited mitigated their cyber risk through Cyber Essentials certification.
Founded in 1988, LCF Law Limited are an established law firm offering a wide range of business and personal legal services, with offices based in Leeds, Bradford, Harrogate, and Ilkley. Their vision is to help all their lawyers fulfil their potential and help their clients achieve their goals; to always provide practical and valuable advice with clarity and great service.
Why Cyber Essentials?
With the introduction of security standards such as the UK GDPR 2021 and DPA 2018, organisations are now responsible for the appropriate handling and processing of personal data.
As a law firm, LCF Law Limited recognise that they have a legal duty of care to their clients and the confidential data that they provide during a legal matter. Part of that responsibility involves ensuring the devices and systems that hold this data have the appropriate defences in place and are effectively protected against common cyber threats.
By subscribing to the recognised cyber accreditation scheme, Cyber Essentials certification, which involves regular, independent assessments allowed LCF Law gain further insight into their current cyber security climate, identify any holes in their technical processes, and reassure their clients that their data continues to be in safe hands.
What is Cyber Essentials?
This is the basic certification option and is awarded following the completion of a self-assessment questionnaire.
Depending on the information provided in the self-assessment, the business will receive a ‘pass’ or ‘fail’, highlighting any detected vulnerabilities. Once a ‘pass’ is awarded, the certificate is issued.
This is an additional certificate that can be obtained once the Cyber Essentials basic assessment has been issued.
Cyber Essentials Plus involves onsite, internal and external vulnerability tests that are performed on the business’s systems to determine the risk level. This then results in an in-depth evaluation, providing methods of remediation. Once a ‘pass’ is awarded, the certificate is issued.
As IT Director (and by virtue, the person within the firm that is responsible and accountable for our systems and data), I also need internal reassurance that we are effectively doing everything that we should be from a people and technology perspective to ensure our own, and our clients', electronic information is being handled in the safest possible manner.
James Hood, IT Director at LCF Law Limited
Since then, the Cyber Essentials assessment framework has allowed LCF Law implement the best industry practices and steer them away from complacency. As a result of the recent pandemic which has subjected many businesses and individuals to a remote working environment, the Cyber Essentials certification scheme now includes cloud services as part of its assessment process.
It is now more important than ever that those who bear the ultimate responsibility for data held in the cloud, and other systems, have assurances that it is being managed properly and securely.
Why Mitigate Cyber?
LCF Law Limited approached Mitigate Cyber in 2015 to achieve Cyber Essentials certification and have continued to certify their organisation over the past seven year. From our “excellent track record”, and being recommended by a peer, Mitigate Cyber have helped LCF Law understand their cyber security ecosystem, the areas that require attention, and the best way to remediate any issues.
It is important that any specialist partner in this field not only understands their subject matter but also understands the nature of business that they are working with. Having worked in legal for many years, and having almost exclusively worked with Mitigate Cyber from a certification perspective, I can firmly attest that they indeed do!
James Hood, IT Director at LCF Law Limited
Five Key Benefits of Cyber Essentials Certification
1. Minimise the Risk of Threats
Cyber Essentials certification can help your business prevent an average of 80% of common cyber threats and data breaches.
2. Lower Your Insurance Premiums
Cyber insurance agencies look more favourably on organisations who have achieved Cyber Essentials certification.
3. Maintain Client Trust
Cyber Essentials certification allows organisations to demonstrate to their clients and investors that they take the protection of their data seriously.
4. Meet Compliance Requirements
Remain compliant with the UK GDPR 2021 and DPA 2018 with Cyber Essentials certification.
5. Tender for UK Government & MOD Contracts
Cyber Essentials certification is mandatory for all Ministry of Defence contract bids and many other Government tenders.