Cyber Essentials for Legal Practices

Why Cyber Essentials certification matters for your law firm
18.02.19 AAG Digital

When the government’s National Cyber Security Programme engaged with the IASME (Information Assurance for Small Medium Enterprises) and the ISF (Information Security Form) in June of 2014, the Cyber Essentials certificate was created. 5 years in, Cyber Essentials has become one of the most recognised UK-backed accreditations managed by the NCSC (National Cyber Security Centre). However, some small businesses, particularly solicitors are still questioning whether or not Cyber Essentials is really ‘worth it’.

A blog by the Solicitors Regulations Authority (SRA) in January of 2018 stated: “All firms should assess the way they work and take steps to mitigate against the possibility of being victim to a cyber-crime attack. Protecting client money and assets is one of the Principles we ask solicitors to adhere to, so guarding against cyber-crime should be a priority.

The consequences of a successful attack for a firm can be substantial; the impact on clients can be devastating.”

AAG is an experienced provider of IT Support for law firms, and other related services.. Michelle Walker, AAG’s Managing Director has this to say on the importance of cyber protection: “Some businesses may ask why the cyber criminals continue to use similar tactics. Well, it is because they continue to get results. To a small business, losing money to fraudsters can often lead to company closure. It sounds extreme, but it happens, and more often than you might think.”

Bloom Media, A customer that has recently gone through the Cyber Essentials Certification process had this to say on the matter: “As a small legal practice specialising in media law, we are acutely aware of the importance of protecting client data and reputation. Whilst attending the annual Solicitors Regulators Authority’s COLP/COFA conference I was interested to hear the SRA’s recommendation that small firms should obtain Cyber Essentials certification as an alternative to ISO 27001.

AAG managed the entire process in a professional manner, enabling us to become certified with minimal effort. They also provided recommendations and I.T. policy documentation to assist with ongoing compliance and contingency planning. It is reassuring to know that our I.T. systems follow cyber security best practices.”

With the Cyber Essentials Certificate, up to 80% of cyber threats on a business are prevented. In addition, the certificate can also reduce your business insurance premiums. AAG IT Services can help your business adopt and be compliant with Cyber Essentials in a straightforward and efficient way.

Click here for more information regarding our Assurance & Compliance scheme. Alternatively, contact us on 0114 352 0688 or on [email protected] for more information.

Related insights

Browse more articles from our experts and discover how to make better use of IT in your business.

phishing statistics

The Latest Phishing Statistics (updated September 2023)


As the most common form of cyber crime, phishing affects both individuals and businesses. Find out how attack vectors and trends are developing with the latest phishing statistics.

cyber crime statistics

The Latest Cyber Crime Statistics (updated September 2023)


Read the latest cyber crime statistics, updated for September 2023, and see how the threat landscape has changed in recent years.

Ransomware statistics

The Latest Ransomware Statistics (updated September 2023)


Ransomware is an ever-present threat to cyber security worldwide. See how it has affected individuals and organisations with the latest ransomware statistics, updated for September 2023.