Only a quarter of UK law firms are ready for GDPR, study shows

Just 25% of UK law firms are ready for the General Data Protection Regulation and one in five have experienced an attempted cyber attack in the past month

Most law firms in the UK do not yet comply with the EU’s General Data Protection Regulation (GDPR), with just over six months to go before the compliance deadline of 25 May 2018.

According to a report by managed services provider CenturyLink Emea, only 25% of more than 150 legal sector IT decision-makers said their firms were GDPR ready, despite the threat of fines of up to €20m or 4% of annual global turnover for serious data protection failings under the GDPR.

The results highlight the fact that most firms need to prepare while they still have time to be fully compliant with the legislation, said Steve Harrison, sales director at CenturyLink. He said law firms still have a chance to be ready, but they need to take action now to analyse their business and data to determine where the gaps are, and what steps should be taken.

“Implementing a security log monitoring and analysis service will enable organisations to quickly identify if and when they have experienced a breach, enabling them to better comply with the GDPR breach notification regulation,” said Harrison.

According to the study, one in five law firms have experienced an attempted cyber attack in the past month, and less than one-third (31%) of IT directors believe their firm is compliant with all cyber security legislation.

Continue reading…