2nd November 2017
A recent study undertaken by cloud intelligence company, OnDMARC, found that Walker Morris was the only organisation out of the top 100 UK law firms to have sufficient measures in place to fully protect against email fraud.
The research undertaken by OnDMARC followed recent reports that UK law firms had seen an unprecedented 45 cases of cyber theft in the first quarter of 2017. The study examined the practices of law firms and showed that only Walker Morris complied with Domain-based Message Authentication, Reporting and Conformance (DMARC), a recently ratified email protocol that has been approved and endorsed by the National Cyber Security Centre, part of GCHQ, as the only sure-fire way of stamping out email spoofing.
Last year saw the threat of phishing attacks increase by 65%, this served as a warning to law firms that retain the strictest of confidential client information. Walker Morris took steps to ensure that the Firm became fully protected by implementing the controls in September 2016. The implementation process took around 12 months to fully configure and the Firm worked with a supplier to provide an email content checking facility.
Dr. Rois Ni Thuama, Head of Cybersecurity Governance Partnerships and Legal, OnDMARC commented:
“Implementing DMARC will enable the 99% of firms currently susceptible to email impersonation to combat this type of email fraud and thus help to prevent them from suffering reputational or financial damage with their client base further down the line. Legal firms such as Walker Morris should be applauded for implementing the necessary measures to thwart the risks of data theft.”
Janeen Dunderdale, Head of IT at Walker Morris added:
“Breaches of email security can have a detrimental effect on our ability to protect our client’s confidential information as well as causing widespread business disruption and reputational damage. Walker Morris continues to work hard on taking the right steps to ensure that as a firm we implement the necessary controls to protect our business against such breaches and are now delighted to have been announced as the only organisation in the top 100 UK law firms to have sufficient measures in place to be considered protected against email fraud.”
The threat of data theft from law firms would represent the greatest break of client trust. May 2018’s GDPR is set to transform data protection, and organisations of any sector should be encouraged to correctly configure their domains to prevent email impersonation, thus minimising security breaches.