Late last year, LegalVision was in Canberra to attend our first National Conference of the Association of Corporate Counsel (ACC). We were there to launch our White Paper on NewLaw and to spread the word about how innovative models of legal service delivery are changing the landscape for in-house lawyers. We had some excellent conversations with General Counsels who were exploring how they could use technology to reduce costs, increase team member engagement and add even more value for their organisations. It was a great event – and we are already planning our trip to Alice Springs for the 2017 edition of the ACC’s National Conference.

Whenever things were a bit quiet on the floor of the exhibition hall in Canberra, the LegalVision team would sneak over to the conference sessions and hear about the key issues facing in-house lawyers. One of the highlights was a presentation from David Irvine AO on “Cyber Risks: Why you need to pay attention”. Irvine’s record puts him in a unique position to comment on these issues: he has led both of Australia’s two intelligence agencies, the Australian Security Intelligence Organisation and the Australian Secret Intelligence Service. He’s now the chair of the Australian Cyber Security Research Institute.

Cyber Resilience, Not Cyber Security

An important message emerging from Irvine’s presentation was that businesses should start focusing on building cyber resilience, rather than the traditional concept of cyber security. The problem with talking about “cyber security” is that it frames the issue as a cost that businesses must endure and a technical project that should only be the concern of the IT team. By contrast, “cyber resilience” positions the issue within a broader framework of effective business management and leadership and focuses on the opportunities cyber resilience presents in the digital age.

Four Tips

For Irvine, the starting point for building cyber resilience is knowing what to protect and what threats exist. Navigating this territory can be tricky for IT amateurs because cyber security has its very own cast of characters and terminology.

To make sure we all had something practical to take away from the conference, Irvine suggested four simple measures that businesses can adopt to increase their cyber resilience. Like many of the most effective cyber security measures, these tips might seem like common sense – but they can make a big difference.

  • Change passwords regularly on email accounts and other platforms.
  • Restrict access to your organisation’s computer network, to ensure that only authorised people can access critical information on your system on an as-needed basis.
  • Keep patches up to date. As Irvine explained, some of us can be lazy when Apple or Microsoft announces a new software update. It’s easy to let the notification sit on our phone or laptop for days or longer. These updates are often deployed to patch cyber security gaps, so it’s a good idea to download them as soon as possible.
  • Configure systems not to accept changes unless made by authorised users following established protocols.

Cyber Resilience and Lawyers

Irvine’s lessons are not limited to the legal profession. His talk would also have been relevant has he delivered it to a room full of CEOs or CFOs, rather than GCs.

However, cyber security should be a top priority for lawyers because we are a logical target for threats. Law firms can be described as “particularly attractive sources of information”, and this sensitive information lawyers hold can be “a real prize” for cyber criminals. Worse still, lawyers have a lot more to lose from a cyber attack than businesses in many other industries. The risks of not being cyber resilient as a lawyer range from reputational damage and lost income, to being the subject of disciplinary actions and regulatory investigation.

The importance of cyber resilience is a particularly relevant message for in-house lawyers, who play a critical role as gatekeepers for their organisations. It would be wrong for corporate counsel to view cyber security solely as the concern of your IT team. In-house lawyers need to be proactive and lead the charge on building cyber resilience for their businesses.

Irvine’s presentation at the ACC’s National Conference was a rousing call to action for in-house lawyers. Practitioners working within corporations and other organisations should lead the charge in building cyber resilience. By doing so, they will help mitigate cyber risks, while also helping to add new value for their businesses in the digital age. After all, mitigating risk and adding value are the two key functions of the in-house lawyer.

Key Takeaways

In the digital age, where lawyers are increasingly communicating via digital channels and storing information in a digital format, it’s up to everyone, not just IT professionals, to be vigilant about cyber security. As Irvine suggests, it’s about being cyber resilient: learning the key concepts and terms will assist individuals to recognise cyber attacks and protect themselves and the companies they work for. Cyber security must be a central concern for all business, particularly those that hold sensitive or confidential information, such as a law firm.

If you have questions about Irvine’s talk or would like to contribute to the discussion, please get in touch on Twitter or LinkedIn.

COVID-19 Business Survey
LegalVision is conducting a survey on the impact of COVID-19 for businesses across Australia. The survey takes 2 minutes to complete and all responses are anonymous. We would appreciate your input. Take the survey now.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. For just $199 per month, membership unlocks unlimited lawyer consultations, faster turnaround times, free legal templates and members-only discounts.

Learn more about LVConnect

Thomas Kaldor
Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

  • By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. See our full Privacy Policy.
  • This field is for validation purposes and should be left unchanged.
Our Awards
  • 2019 Top 25 Startups - LinkedIn 2019 Top 25 Startups - LinkedIn
  • 2019 NewLaw Firm of the Year - Australian Law Awards 2019 NewLaw Firm of the Year - Australian Law Awards
  • 2020 Fastest Growing Law Firm - Financial Times APAC 500 2020 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review 2020 AFR Fast 100 List - Australian Financial Review
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards 2020 Law Firm of the Year Finalist - Australasian Law Awards
  • Most Innovative Law Firm - 2019 Australasian Lawyer 2019 Most Innovative Firm - Australasian Lawyer
Privacy Policy Snapshot

We collect and store information about you. Let us explain why we do this.

What information do you collect?

We collect a range of data about you, including your contact details, legal issues and data on how you use our website.

How do you collect information?

We collect information over the phone, by email and through our website.

What do you do with this information?

We store and use your information to deliver you better legal services. This mostly involves communicating with you, marketing to you and occasionally sharing your information with our partners.

How do I contact you?

You can always see what data you’ve stored with us.

Questions, comments or complaints? Reach out on 1300 544 755 or email us at

View Privacy Policy