Skip to main content Skip to search

What’s Covered

Why does my law practice need cyber cover?

Law practices hold large amounts of sensitive information about clients and others which may be accessible electronically. At the same time, data is an increasingly valuable resource that is likely to be targeted or inadvertently disclosed through security breaches. Solicitors’ duty of care requires maintenance of client confidentiality, and law practices have an obligation to protect confidential and sensitive information and to respond quickly and appropriately where there is a risk that this information has been or may be disclosed. For this reason, crisis assistance is an important aspect of the cyber risk policy.

In addition, many law practices are becoming increasingly reliant on the ongoing availability of computer systems and networked technology for their day to day activities, meaning the consequences of a cyber-attack resulting in a firm’s computer systems being damaged or taken offline could be severe.

The cyber risk policy will respond to cyber events such as ransomware and other disruption attacks. However, it is important to note that the cyber risk policy will not respond to problems unrelated to a cyber event which arise through failure to maintain a computer and/or network.

It is prudent for law practices to ensure that up-to-date antivirus protection is in place, and to undertake frequent back-ups to ensure data can be restored in the event of an uncontained cyber-attack.

Cyber Risk Policy Wording

Tokio Marine Kiln/ Lawcover LST

What does the policy cover?

Lawcover has negotiated and purchased a cyber risk policy that is specific to the risks faced by law practices. Subject to policy terms, cover is provided for:

Crisis management costs and customer notification expense
Electronic business interruption and increased cost of working
Cyber liability to third parties (to the extent these are not covered under other relevant policies)
Privacy regulatory defence and penalties
Cyber extortion payments consented to by the insurer

The policy limit for each law practice is $50,000 for all cover under the policy during the period of insurance. The applicable excesses under the cyber risk policy are based on each practice’s gross fee income for the last complete year, and range between $nil and $25,000, as shown here.

Law practices should consider whether this limit and breadth of cover is sufficient for their individual needs. An insurance broker or professional adviser will assist in making this determination.

Resource Library

A comprehensive Library of information to keep you informed and aware.

Policy Wording








Cyber Articles