Insight: People vs Process; Implementing a risk strategy - Part 1

In this short blog series, Lawyer Checker’s Jen Williams outlines how combining cultural and technical competencies will shut the door on would be cyber criminals accessing your information.

People – How can they play a part in reducing risk

However, the due diligence and care that your employees conduct ultimately has the final say.  

The cultural competencies, places an emphasis on the people in your firm. Having a highly experienced and capable team, in the right place, at the right time working alongside the processes and technology can help to put a huge block on criminals infiltrating your business.  

It doesn’t matter about the size of the organisation you run or work in, but as long as there is a culture where everyone takes cyber security seriously from the very top to the very bottom of your hierarchy, you’re onto a winner.  

Most employees could probably spot a phishing attack, whilst this is still used cyber criminals have adapted their technology and behaviour and started spoofing emails to catch firms out.  These emails look identical to those you send and are difficult to spot, with criminals using words and phrases that employees would use in their daily lives.   

In the past 3 months, Linklaters have reported several attempts on their domain name. Each time, a subtle change was made to look like the original e.g. @linklaters.co or @linkiakers.com. Impersonation fraud, the act of using fake domain websites and email addresses extremely close to the originals, cost the UK £92.7milion in 2018. 

The minor changes all seem obvious now, but ensuring your guys know who they’re talking to is vital to keep those criminals out.  

Take that extra 30 secs to triple check an email address or pick up the phone and call a client/firm if something seems suspicious. Although it may seem like simple baby steps, due to the busy nature of the work you conduct this isn’t happening, and criminals know that.   

In our next blog we will look at how processes can prevent risk.