Baker Love Lawyers
Founded in 1875, Baker Love Lawyers is proud to be one of Newcastle’s oldest and most trusted law firms. Today’s Partners have been a part of Baker Love for up to five decades and follow in the notable footsteps of equally long-serving predecessors. They head a team of over 10 energetic and expert young professionals practising across a range of areas of law.
A proactive approach to cybersecurity
Baker Love Lawyers acknowledge the legal implications of not securely protecting their client’s data, and so proactively reached out to the Diamond IT team to ensure they were operating under a robust cybersecurity strategy.
The main focus of the project for the Baker Love team was to ensure they were proactively and strategically protecting both their clients and data and the integrity of the organisation.
Baker Love had existing cyber policies and protection strategies in place, however, requested an expert analysis to ensure they were fully compliant with best practice, and if there were any areas where improvements could be made. They were referred to Diamond IT, where our Technology Consulting Manager met with the Partners to discuss the implementation of a cybersecurity review.
“Baker Love realised that all businesses are increasingly at risk of cyberattack and that humans are often the biggest risk to cybersecurity. We wanted to ensure our staff were aware of the most common and successful methods of cyberattack and the best ways to prevent it and protect the business from potential future attacks and business disruption. We are committed to protecting our client data so it was important for us to engage an experienced firm such as Diamond IT to conduct an independent cybersecurity health check to identify any network vulnerabilities that could be improved.”
– Rebecca Jones, Practice Manager
Comprehensive Review, Analysis, and Training
The Diamond IT team worked closely with Baker Love to implement the below phased project.
Phase 1: Cybersecurity Health Check
This process used an advanced system monitoring tool and expert analysis by one of Diamond IT’s senior security experts to detect any vulnerabilities and abnormal behaviours within the organisation. A detailed Assessment Report was then generated, focusing on the core areas of security, productivity, performance, backup and recovery. This report was then presented to the Senior Management team of the organisation to prioritise remediation activities. The Diamond IT team also worked closely with Baker Love Lawyers existing IT provider to ensure any technical security gaps were filled.
Phase 2: Cybersecurity Comprehensive
Based on the findings of the Cybersecurity Assessment report, Diamond IT’s Cybersecurity Comprehensive product was then completed in order to address any policy or procedure gaps and prepare for any potential future data breaches.
- A current state and gap analysis of the Baker Love Lawyers Cybersecurity environment (both Technology and Human-based)
- A review of current policy and procedures, including a comprehensive review and updates to ensure best practice and enforce user compliance
- Breach Response Planning – including the development of a step by step response plan for Baker Love to use in event of a reportable data breach.
The comprehensive review of the policies and procedures revealed the need to consolidate a number of pre-existing policies into one ICT Acceptable Usage Policy ensuring these policies aligned with both state and federal laws and regulations including the Notifiable Data Breach Scheme (NDBS) and the Australia Privacy Principles (APP).
Phase 3: Cybersecurity Staff Education and Training
The final stage of this project was training and education for the entire Baker Love team. The focus of the training was to educate the team on the threats and attacks they are subjected to each day, giving them the tools and experience they need to identify and manage cyber threats to protect their organisation.
The Baker Love team completed two face to face training sessions during different timeslots to suit the business schedule. This education not only impacts the business but benefits the employees on a personal level, with transferable skills being applied to personal cybersecurity.
In addition to the face to face training, Diamond IT conducted two Phishing Security Tests (one prior to, one a few weeks after the training) to gauge Baker Love staff’s susceptibility to phishing attacks before and after the training.
The Baker Love Cybersecurity Project resulted in a marked decrease in risky cyber behaviour by staff and an overall reduced cyber risk to the organisation. Baker Love continues to maintain their proactive approach to protecting their clients and their organisation in today’s current cyber environment.
“Diamond IT has helped us to better understand the risks associated with cyber crime. Through their network analysis and robust training, we have been able to ensure we are operating under a best-practice cybersecurity strategy. Diamond IT is extremely knowledgeable and we found them great to work with. We had an agreed project timeline and Diamond’s Technology Consulting Manager was responsive and committed to achieving the set timeline. We would happily work with Diamond IT again in the future.”
– Rebecca Jones, Practice Manager
How we can support you
Cybersecurity Awareness Training
Cybersecurity Awareness Training educates you and your staff in the threats and attacks you are subjected to every day. Using multiple platforms, we guide you through the minefield that is Cyber and Data security and ensure you have the tools and experience to keep your organisations' systems and data safe.
Cybersecurity Health Check
With pressures on organisations to keep company data safe from cyber criminals it is becoming increasingly important to protect your networks and ensure user compliance.
Diamond Cybersecurity Health Check has been designed for organisations that are unsure of how well they are placed to defend against cyberattacks and manage the business risks associated with a data breach.
Cybersecurity and Data Protection
Today, more than ever, you need to secure your network to keep your operations going, keep your data safe and most importantly keep your customers' private information safe.
IT Disaster Recovery Planning
Disaster doesn't strike often, but when it does the impacts can be significant.
You need to minimise the effect on your business operations, and your ability to service your customers during and after the event.