Our IT support services for legal firms can take many forms. Whether it is technical support, hosting or the integration of new systems such as AI-based programmes, we can help.
All of these are very important, but one of the most critical of all is cybersecurity.
Anyone can be targeted by cyber attacks, which range from denial-of-service to phishing emails, but the most concerning attacks involve instances where vital confidential client, patient or customer data is stored.
Examples of this include:
- Health services providers, where confidential patient data is held, with cases of breaches, including the ransomware attack on NHS provider Synnovis in 2024 and the hacking of the UK BioBank a few weeks ago.
- Retailers, such as the Co-op and Marks & Spencer. They were targeted in ransomware attacks last year.
- Law firms, such as the attack on Merseyside-based DPP in 2022.
Why Did DPP Get In Trouble After A Cyber Attack?
Law firms will have had no excuse to overlook the importance of IT security after the DPP case, which saw over 32GB of data being lost.
The situation was compounded by the firm not reporting the breach for 43 days, by which time the National Crime Agency had contacted them to advise that client data had turned up on the dark web.
This slack approach, the fact that the company deals in sensitive cases in areas like crime, fraud, sexual offences and actions against the police, plus the initial shortcomings in security, led to the Information Commissioner’s Office imposing a £60,000 fine.
Your law firm may not deal with quite such sensitive data, but in any case, there will still be confidential and sometimes commercially sensitive information that your clients will entrust you with. Losing them to a hack or being held to ransom by a virus is the last thing you want.
It may seem like a daunting challenge to deal with cyber attacks. The Cyber Security Breaches Survey 2025 revealed that 43 per cent of firms in the UK faced at least one cyber attack in 2024.
What Are Passkeys And How Can They Help?
However, while the crooks are busy and becoming ever more sophisticated in their tactics, the IT security industry is fighting back with new tools and techniques to improve security. Our IT support can include helping you to access these defences.
The latest of these defensive measures is the replacement of passwords with passkeys.
This is a step Britain’s top IT security experts at the National Cyber Security Centre (NCSC) have strongly advised, stating that “Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers”.
It advised this change on the back of conclusions from a study on password security, presented at the recent CYBERUK conference in Glasgow.
A passkey involves using multi-factor authentication, such as biometric data like fingerprints or facial recognition, in combination with a device pin that is unique to each user and device.
The benefits of passkeys include:
- No more struggling to remember passwords
- No issues with weak passwords that are easy to guess
- They cannot be intercepted, reused or stolen
- They are not vulnerable to phishing attacks
- They are quicker to sign in with
Director for national resilience at the NCSC, Jonathon Ellison, said: “Moving to passkeys is something all of us can do to improve the security of everyday digital services and be prepared for modern and future cyber threats.”
Why Are Passkeys Being Recommended Now?
Some might wonder, given all these benefits, why the NCSC hasn’t recommended them already. The explanation it has given is that there were previously some “key implementation challenges” that have gradually been resolved.
With tech firms, IT services providers and workplace systems becoming increasingly aligned to enable the integration of passkey systems, companies and public sector bodies can now confidently make the switch.
Last year, the government announced it would roll out passkeys for its digital services as a replacement for its present SMS-based verification system, often used for very data-sensitive matters like dealing with HMRC.
Your firm could be next to make the switch from passwords to passkeys, making data far more sensitive and harder for crooks to get through to. Biometric authentication, for example, offers unique accessibility, unless you have a twin who is a cyber criminal.
Moving on from passwords also means the days of ‘Password 1234’ and the like are increasingly numbered, which, along with the phishing-proof benefits of passkeys, could drastically reduce attacks.
Naturally, many firms will not be familiar with passkeys or the means of setting them up. Our support can help you to do this, ensuring that sensitive data that needs to stay secure remains exactly that.