🔒 Cybersecurity for lawyers

You might want an accreditation — essentially, a third party's assertion that your cybersecurity measures meet some defined standards — for your cybersecurity preparations.

This might be because doing so helps you attain a higher standard than you would reach with your own preparations, or else you want an attestation of your security from a third party.

ISO 27001 is an internationally-recognised information security standard, focussed on the implementation of an information security management system.

A copy of the standard is approximately £100.

Attaining ISO 27001 is likely to need third party support, and will probably cost several thousand pounds.

A scheme promoted by the UK government, Cyber Essentials is a basic information security accreditation focussed on five areas. It costs approximately £300 + VAT.

It is a self-assessed scheme. If you wanted more assurance, it has a second tier, Cyber Essentials Plus, which requires independent verification.