Despite number of attempted cyberattacks, majority of partners confident that their firm is compliant with GDPR, but most think the approach to cybersecurity could be improved
Half of the partners at law firms in Spain and Portugal say their firm has been the victim of an attempted cyberattack in the last two years, according to new research. A total of 48 per cent of partners said their firm had suffered an attempted attack in the last two years, with 40 per cent saying it had happened in the last 12 months, according to a survey conducted by Iberian Lawyer.
However, generally speaking, partners are confident that their firms are compliant with the recently introduced General Data Protection Regulation (GDPR), which applies to all countries within the European Union. A total of 84 per cent of respondents said they thought their firm was compliant with the GDPR. However, what will be of concern to clients is that one in ten partners in Iberia is not convinced their firm is GDPR-compliant.
Most partners believe their firm’s approach to cybersecurity could be improved. A total of 82 per cent thought their firm should ‘up its game’ with regard to cybersecurity – while the majority of respondents said they had received some cybersecurity training, around one in three (37 per cent) said they had not received any.
Overall, it appears that Iberia’s law firms are generally well prepared for the GDPR – the majority of respondents said their firm had either appointed a data protection officer or nominated a person to be responsible for overseeing data protection tasks. However, 7 per cent said their firm had taken neither of these courses of action. Meanwhile, one in four (24 per cent) survey respondents said that, to their knowledge, their firm had not conducted an audit of all the personal data they had and where it came from, despite this being a key requirement of GDPR compliance.