Rely on the most comprehensive, up-to-date legal content designed and curated by lawyers for lawyers
Work faster and smarter to improve your drafting productivity without increasing risk
Accelerate the creation and use of high quality and trusted legal documents and forms
Streamline how you manage your legal business with proven tools and processes
Manage risk and compliance in your organisation to reduce your risk profile
Stay up to date and informed with insights from our trusted experts, news and information sources
Access the best content in the industry, effortlessly — confident that your news is trustworthy and up to date.
With over 30 practice areas, we have all bases covered. Find out how we can help
Our trusted tax intelligence solutions, highly-regarded exam training and education materials help guide and tutor Tax professionals
Regulatory, business information and analytics solutions that help professionals make better decisions
A leading provider of software platforms for professional services firms
In-depth analysis, commentary and practical information to help you protect your business
LexisNexis Blogs shed light on topics affecting the legal profession and the issues you're facing
Legal professionals trust us to help navigate change. Find out how we help ensure they exceed expectations
Lex Chat is a LexisNexis current affairs podcast sharing insights on topics for the legal profession
Printer Friendly Version
The events of the last month, involving the Information Commissioner’s Office (ICO)’s plans to fine British Airways and Marriott International a collective £280m for breaches of customer data, have invariably brought the GDPR compliance issue
into a sharper perspective for large corporates.
The new GDPR regulations 2018 regulations brought a new age to the personal data debate and meant that many companies duly overhauled their customer data policies in line with requirements, with much of the regulation surrounding how data is stored, managed, processed
and deleted. However, the data issue is further complicated by a recent considerable rise in cyber security, with law firms, in particular, a key target in this area.
According to the Annual Law Firms’ Survey 2018 by PWC UK, cyber security is a key concern for 82% of the top 100 firms. 60% of the firms were also reported to have suffered a security incident in 2018 resulting in cyber security being a major concern for many law firms.
In Banking, new data released from banking trade body, UK Finance, revealed that incidents of online payment scams reached nearly 85,000 in 2018, with total losses of £354.3m. It was also revealed that in the second half of 2018, £209m was
lost in bank transfer fraud, compared to the £145m lost in the first half of the year. Cyber attackers are able to use personal and financial data to defraud customers, and reroute transactions, by sophistically posing as government agencies
like HMRC, or DVLA, or impersonating a banking site - all with access to their personal data to further validate their claims.
The amount of sensitive data handled by law firms makes them a prime target of cyber-attacks. Poor data management could lead to firms becoming vulnerable to threats such as bank transfer fraud, phishing scams, ransomware or data breaches, which
allow for additional compliance risks. Furthermore, data collected through fraudulent means can be used many years after the event has taken place, and can be used to facilitate deception scams against companies and consumers, making them highly convincing
and far more difficult to guard against.
As digital transformation continues to proliferate, law firms would be wise to look to key technology providers in the industry, in helping them navigate these potentially challenging new territories.
The British Airways fine completely eclipses the €50m (£45m) fine imposed on Google by the French DPA (CNIL) in January this year and is additionally the largest fine issued in relation to the maximum permitted penalty under GDPR rules. The
attack affected a total of around 500,000 customers, with user traffic to their website being re-directed to a fraudulent site, through which, criminals were able to obtain personal customer details, log-in details and payment card information.
Our current commercial climate is becoming increasingly data-driven. With more and more companies offering access to data and services online, and a high upward trend in mobile users, which is currently forecasted to reach 5.9 billion by 2025, the equivalent
to 71% of the world’s population. The more that corporate
companies are expected to deliver their services digitally, and handle sensitive data frequently, in large volumes, the more they are at risk of advanced data breaches, and therefore the considerable resulting fines:
Fines applied to Knuddels, Google, Taxa4x35, and Bisnode, plus proposed penalties for British Airways and Marriott International, for GDPR violations. Revenue figures calculated using publicly-available investor reports and estimates from Owler.com. Maximum possible fine is defined as either €20m (£17.6m) or 4% of annual revenue, depending on which is greater, as stipulated in GDPR.
Cyber security and data protection will continue to be major topics of focus for law firms in 2019, with the heavy emphasis on protection of personal data, GDPR compliance and the avoidance of high-risk data breaches.
LexisNexis Cordery Breach Navigator, is a sophisticated tool which allows companies to reduce the risk of a breach taking place. It is a
tool designed specifically for internal use in the law firm, where the Data Privacy Officer (DPO) can track and plan a response to potential risk to GDPR compliance in the company’s data management strategy.
The tool helps our clients in avoiding the considerable reputation and financial consequences of highly publicised data breaches. DPO officers can use the software in establishing key processes that can respond to risks, assess each
incident individually and report in full compliance with the law, instilling confidence in key stakeholders and senior management.
 GSMA Intelligence 2019
0330 161 1234