Editor, Solicitors Journal

Legal industry facing crisis amid shortage of cyber-security specialists

17 Nov 2015News

UK businesses must show a greater commitment to data protection and security training

A shortage of qualified cyber-security specialists is becoming critical for law firms following several high-profile cases of hacking, experts have warned.

In 2015, Talk Talk, Ashley Madison, Harvard University, and the US's Internal Revenue Service have all fallen victim to sophisticated and damaging hacks.

Symantec CEO Michael Brown has been quoted saying the global demand for cyber-security professionals is set to grow to six million by 2019 with the shortfall expected to be around 1.5 million, an issue of specific concern for the legal industry given the sensitivity of the data being handled.

Measures have been introduced by the UK government, including Cyber Essentials, a scheme aimed at helping organisations protect themselves against common cyber-attacks.

However, these initiatives have been proven insufficient when it comes to combating modern advanced persistent threats (APTs) to businesses.

Founder of Gibbs S3, Farida Gibbs, commented: 'The range and severity of threats, coupled with the desperate shortage of skilled staff means that the majority of British banks are fighting an increasingly complex war with clearly insufficient resources.

'This issue is compounded by the fact that standing still is not an option - firms need to be far more proactive in beefing up their digital defences as the hackers who are looking to get in are constantly evolving and mutating their attacks.'

Punam Tiwari, senior legal counsel at Gibbs S3 said: 'We've now seen CEOs of major companies lose their jobs because of cyber-attacks which should be a serious wake-up call about the consequences.'

'Companies should start from the assumption that their systems have been infiltrated by criminals and operate on that basis,' she added, 'yet many businesses are simply failing to act.'

Large corporations are not the only targets, however. Recent research from KPMG found that 70 per cent of SMEs can do significantly more to protect sensitive client data.

Tiwari said UK businesses needed to show greater commitment to data protection and cyber-security training as well as planning 'how they will bring on cyber-security experts at a moment's notice - whether that is for a crisis scenario or not'.

Research from earlier this year found that over half of UK legal professionals believed their companies were not doing enough to prevent security breaches.

One in ten lawyers admitted to having no measures at all in place to decrease the risk of data loss.

Matthew Rogers is an editorial assistant at Solicitors Journal matthew.rogers@solicitorsjournal.co.uk

Legal News desk contact: editorial@solicitorsjournal.com

Latest Articles

AI and public law: risks, duties and compliance

AI promises efficiency and savings, but public sector use must comply with legal principles to safeguard fairness and accountability

Supreme Court judgment prompts fraud case review

The Serious Fraud Office has responded to the Supreme Court’s decision impacting several fraud convictions

GPS tags lead to crime reduction

A new report reveals the effectiveness of GPS tagging, which has reduced reoffending rates by 20 percent

Tribunal upholds manifestly unreasonable exception in environmental information dispute

First-tier Tribunal dismisses appeal against Information Commissioner, reinforcing limits on environmental information requests under EIR.

Forestscape Limited successfully challenges asset of community value designation

First-tier Tribunal allows appeal against woodland's ACV classification, emphasising evidential requirements for community value designations.

Jury trials under threat in fraud

Plans to replace juries with specialist judges in fraud trials spark fierce debate over justice, efficiency, and rights

UK migration crackdown could pile pressure on lawyers

Sweeping visa curbs and settlement delays pose major compliance challenges, leaving lawyers to navigate risks for clients

Tribunal upholds disclosure of hydrogen heating environmental information

First-tier Tribunal dismisses Secretary of State appeal on environmental information disclosure

High Court scrutinises prolonged immigration detention amid mental health concerns

Immigration detention challenged where vulnerable detainee's mental health deteriorates significantly

High Court refuses DoLS extension for young sexual offender on licence

High Court declines deprivation of liberty order for rehabilitating juvenile offender

Article 13(b) defence in international child abduction: YM v ML analysis

High Court ruling demonstrates stringent threshold for grave risk exception under Hague Convention.

High Court rules on employee share option rights after termination

High Court examines share option exercise rights following employment termination in Dixon v GlobalData

High Court clarifies creditor rights in DG Resources Ltd v HMRC winding-up dispute

High Court reinforces HMRC's creditor position whilst examining service requirements and cross-claim thresholds.

Government clears path for new homes

The New Homes Accelerator is set to expedite the building of nearly 100,000 homes across England

EU AI Act brings GPAI rules to life

The EU’s new AI rules make GPAI compliance an immediate reality for UK companies developing or deploying these models

SJ Interview: James Palmer CBE

James Palmer CBE, Partner of Herbert Smith Freehills Kramer, has long been recognised as one of the UK’s most influential corporate lawyers and policy voices. Awarded a CBE in 2025 for his services to business and law, he has combined a high-profile career in M&A with decades of work on legal reform. In this interview, he discusses the challenges of legislative inflation and corporate advice, access to justice, and the future role of technology.

The SQE is failing its own test

Five years on, the SQE is underperforming, and targeted reforms could close persistent gaps.