top of page

Law firms - Do your staff know how to recognize a cyberattack?

If you work in a law firm, you probably already know that the cyber risk to your business is rising continually. The National Cyber Security Centre June 2023 Report on the Legal Sector states that 75% of law firms reported having been the victim of a cyber attack as some point in the recent past.

Lawyer with clients
Law firms regularly appear near the top of most vulnerable sectors

Those attacks are often in the form of phishing e-mails, and many could lead to business e-mail compromises and ransomware attacks.

But as one partner at a law firm in our region who suffered a potentially catastrophic cyber-attack said recently

‘If the ECRC had approached us about joining the centre the day before the attack we would have been interested in what they had to say, but we would probably not have joined the centre or significantly changed our current processes around cyber resilience.’

As the are your last line of defence it is vital that your staff are aware of the potential risks and what they should do to protect your company.

Security Awareness Training – a different approach taken by the CRC network

The Eastern Cyber Resilience Centre was set up in 2021 as a government funded, police staffed company. That means we operate with a public service ethic, putting the needs of our members above all else. We offer a number of free and affordable Cyber Security and Resilience Services that are designed to assist businesses and their staff to have the right strategies to respond to cyber incidents efficiently and migrate any potential damage a cyber-attack may create.

Through Cyber PATH, local university students are trained and mentored by senior ethical hackers, to deliver all our services and to work with staff to build their cyber awareness, understand the latest cyber threats and secure the business’s online environment.

Our Awareness Training focuses on those with little or no cyber security or technical knowledge and is delivered in small, succinct modules, using real-world examples. We tailor our Security Awareness Training to each individual audience to provide the right level of skills and context for your business. We can deliver training to any sized group, in-person, remote or a hybrid of the two.

The trainers are highly knowledgeable, personable, and friendly and pride themselves on providing the right environment for your people to feel comfortable and to ask questions. Below are testimonials from businesses who have already had our Awareness Training:

For just a few hundred pounds, you can help to protect your company against a cyber-attack that ultimately could cost you thousands.

Our Security Awareness Training covers a wide range of cyber security topics, including social engineering, ransomware, and phishing attacks. The training provides simple and effective knowledge for people to understand their environment and provides the confidence to challenge when something doesn’t look right.

As one of our members said. “The Cyber Path Student was a confident and knowledgeable presenter who put all attendees at ease and lead a thoroughly enjoyable and hugely useful and informative session. Time well spent!”

What should I do now?

Here at the centre, we would recommend that you consider joining our community today as one of our growing number of free core members. You will be supported through implementing the changes you need to make to protect your organisation.

ECRC logo
Free membership offer access to a range of subsidized services

And take a look at our affordable security awareness options to find out what to do next. A small investment now could lead to massive savings in terms of cost and liability further on down the line.

Reporting a live cyber-attack 24/7

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Reporting a cyber-attack which isn't ongoing

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need. Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page