How prepared is your business in the event of a cyber security breach?

How can cyber attacks affect my business?

As technology becomes more advanced cyber security is becoming something every business needs to consider. A successful cyber attack can have a major effect on your business reputation and the trust of your consumers.

How will my reputation be affected?

Trust from your consumers is essential when growing your business, however a cyber attack can significantly erode that trust and become counterproductive when building your brand. If this happens, this can lead to a loss of customers, a loss of sales, and a reduction in profits amounting from this. Furthermore, affected customers may even consider legal action against your business. Suppliers may also lose trust in your business, and it may even affect relationships within your business such as with other partners or investors.

What about financial loss?

Cyber attacks can result in substantial financial loss arising from:

  • Theft of financial information, such as bank details or payment card details
  • Theft of money held within the business
  • A disruption in trading due to the inability to carry out further online transactions

Furthermore, businesses who have suffered a breach in their cyber security may also incur further costs in repairing affected systems and devices. In the long-run, it is usually cheaper to hire a professional penetration tester to make sure your systems are secure, than it is to repair the damage from a breach!

cyber

What are the legal consequences of a cyber security breach?

Under the Data Protection Act you must manage the security of any personal data you hold. Any data that is either accidently or deliberately compromised due to not having appropriate security measures may result in fines and regulatory sanctions. The General Data Protection Regulation (GDPR) is a new regulation coming into force in May 2018 by European Parliament. The aim of this regulation is to give people control over their personal data. Any breach of this regulation can lead to receiving a warning (in cases of first and non-intentional non-compliance), periodic data protection audits, and fines.

How can I prevent cyber breaches?

First and foremost, make sure you invest in some anti-virus and anti-malware software. Make sure that this software remains updated and that you perform regular security scans. If you find anything on your systems that shouldn’t be there, uninstall it or quarantine it using your anti-virus software immediately.

Secondly, ensure that your employees are aware of any cyber security prevention procedures that are in place within the business. Educate them on how to keep their passwords safe (such as not keeping a piece of paper with their passwords at the desk), and not to speak to those outside the business about security. One of the easiest way to breach security is simply to obtain a password or information from an employee.

It may seem obvious, but make sure any passwords used within your business are strong. The easiest way to enter a secure website is to exploit a weak password. In order to create a strong password, make sure it is at least eight characters (or longer!) and includes a combination of numbers, letters and symbols. Try to avoid any words that may relate to you, such as names, dates or locations.

Make sure you take advantage of a two-step verification process for your business accounts. This will offer an extra layer of security as opposed to simply requiring a username and password. Banks are a perfect example of this in that they require a username, password, and often a security number in order to enter your account.

How can I minimise the impact of a cyber attack?

In order to minimise the aftermath of a cyber security breach you should have an incident response plan in place which will allow you to quickly and effectively deal with the breach.

First, contain the breach to mitigate any further damage to your business. In order to do this, make sure you assess how large the breach is and investigate all systems which may have been affected. You may need to reroute network traffic and block web attacks, and it may be necessary to suspend any compromised devices or networks.

Make sure you have personnel qualified to respond to the incident. This will usually comprise of technical employees to investigate the breach, a public relations expert to deal with any damage to your brand, and possibly a data protection expert if any held data has been compromised.

How prepared is your business in the event of a cyber security breach?

Melissa H

 

This blog post was written by Melissa Henderson. Melissa is a final year MLaw student at Northumbria University currently working in a business & commercial firm in the Student Law Office. After graduating she hopes to return to her volunteering role in South Africa before beginning her career. Her interests outside of law include animal rights and powerlifting.

 

Advertisements

Do you have a PSC Register?

What is the PSC Register?

From April 2016 all private companies and LLPs have been required to maintain a Persons of Significant Control (PSC) Register. This is a record of the people who own or control the business which is available for public inspection. Notably, it does not replace the registers of directors and members, these must also be present and kept up to date.

A director or secretary will have to:

  • make sure the register identifies those with significant control over the company and details their information. This includes their name, date of birth and service address;
  • the register must include the nature and extent of the PSC’s control. For example, it must list the amount of shares the person holds;
  • provide this information to Companies House annually as part of Form CS01 (which has replaced the Annual Return);
  • update the register when it changes; and
  • make the register available for inspection at the company’s registered office.

Who is a PSC?

A PSC is an individual:

  1. who holds more than 25% of shares in the company (or more than 25% of the remaining assets if the LLP were to be wound up); or
  2. who holds more than 25% of voting rights; or
  3. who holds the right to appoint or remove the majority of the board of directors (or those involved with management if the business is an LLP); or
  4. who is otherwise able to exercise significant control over the company. This could include someone having the independent power to change the nature of the business; or.
  5. who holds the right to exercise or actually exercises significant control over a trust or company that meets any of the other 4 conditions.

Companies House has an excellent video explaining how to identify a PSC.

If a PSC refuses to give information this constitutes a criminal offence. Failure to take reasonable steps to ascertain who is a PSC is also a criminal offence.

If your business does not have a PSC, a register will still need to be kept and state the following: “The company knows or has reasonable cause to believe that there is no registrable person or registrable relevant legal entity in relation to the company.”

Why should your business have a PSC?

It makes the company transparent and promotes trust and accountability. As such, it could persuade potential investors to invest in the company. Without a PSC register it may be difficult to attract investors due to the lack of transparency.

In any event, it is compulsory and liability can arise for failure to comply to keep this register. Failure to comply carries an initial fine of £1,000 (or maximum 2 year prison sentence) and, until this is rectified, there is a £100 daily fine.

This blog post was written by Karl Lynch. Karl is a student working in the business firm within the Student Law Office. Karl has experience in a variety of industries but hopes to obtain a training contract at a local commercial law firm. He has a passion for business, in particular corporate governance.

How is Artificial Intelligence affecting the legal sector?

As technology is becoming more advanced with the introduction of smartphone apps providing a wide variety of services, how long will it be before you can get legal advice from your smartphone? It may be closer than you think.

In 2016 a second-year student at Stanford University created “the world’s first robot lawyer”, called DoNotPay, which has helped to overturn over 160,000 parking tickets. The creator of DoNotPay, Joshua Browder, told Venturebeat.com that he is also going to use the programme to help people with HIV understand their legal rights and to collect compensation for people whose flights were delayed beyond four hours.

Although at an early stage, the advancement of technology into the legal sector is evident. There are a number of examples, including NextLaw Labs  – a global collaborative group focused on developing new technologies to transform the practice of law around the world.

One start-up that has been helped by Next Law Labs is Ross Intelligence. Ross Intelligence has developed an artificial researcher, which uses a legal databases, such as Westlaw and LexisNexis, to find information based on questions that you can input into the programme. This may significantly reduce a client’s bill. If the artificial intelligence is doing  most of the research then the solicitor doesn’t have to – less time spent  leads to lower bills for the client.

Many other areas are being heavily influenced by technology – take self-service apps for the taxi industry,  for example. So the case for a cheaper way of accessing legal information is understandable. The legal sector has historically been seen as a very high end area of expertise, and therefore the price reflects the amount of work and skill that goes into the job.

The question then is:  should there be an influx of artificial intelligence which is capable of doing a majority of the preliminary research needed for a case. And where do the trainees fit into any new system?

One of the main jobs a trainee will do is to draft documents and undertake research to be passed onto a supervisor. Should the use of artificial intelligence increase, and these jobs taken by artificial researchers, the need for trainees may slow down somewhat. The legal profession is already very competitive – the Law Society reported that from August 2013 to July 2014, there were only 5,001 training contracts available, for the 16,116 students who graduated with a law degree during the same period.

The need for trainees will always be essential to a large and expanding law firm, however as a law firm is a business, smaller firms may see it as more cost effective to use artificial researchers rather than hire trainees in the future. It will be interesting to see how this develops. Of course, there is still a need for a personal approach to tailor the services to the client’s business, so it is unlikely that we will see practicing robot lawyers any time soon.

Reece

This blog post was written by Reece Trammer. Reece is a final year student studying at Northumbria University in a business firm in the Student Law Office. Upon graduating, he will be looking for a Training Contract or Paralegal work in a commercial law firm. His interests outside of law include football, rugby and snooker. 

 

Brexit and the Northern Powerhouse: Doom & Gloom or New Opportunities on the Horizon?

It’s not just the ‘Fog on the Tyne’ which appears to be casting a dark cloud over the North. On 23 June 2016, the United Kingdom (UK) voted in favour of leaving the European Union (EU) and the aftermath has left the future of the North of England in considerable uncertainty.

For some time many have considered the region to be the ‘poor relative’ to the South East of England, the financial heart of the services industry continuing to beat strongly. Those in the North may be forgiven for the pessimistic whispers whirling around the region. The North was once recognised as the industrial heartland of the UK but many now associate the region with the particular low-points in its history. Ship building sailed away from the area in the 70s, the mines closed in the 80s and 90s, in the 00s the global recession significantly damaged the economy of the area, and in the current decade the furnaces of the steel industry have been extinguished.

Prior to the referendum, the 2010 coalition Government coined the term the ‘Northern Powerhouse’. This was a proposal to boost the economic growth of the area by supporting the inter-connected development of the region’s ‘core cities’, Newcastle, Leeds, Sheffield, Manchester and Liverpool to move the UK economic reliance away from the South East. The vote for Brexit has since cast some doubt on the commitment to this plan to strengthen the North. However, there is an argument to suggest that such a pessimistic outlook may be misplaced.

One of the tenets of the Northern Powerhouse is to create transportation improvements between the core cities in order to increase productivity within the area. The North-East corridor has already established strong transportation links by land (A19 & A1), sea (Port of Tyne, Teesport and the Port of Hull), rail (East Coast main line) and air (Newcastle and Durham Tees-Valley Airport). These links have already been utilised by many international corporate investors such as Nissan, however further improvements may soon be on their way. In the 2016 Budget, the UK Government pledged £60 million worth of investment towards the development of ‘High Speed 3’ (HS3). This is the concept of a rail link between Manchester and Leeds decreasing the total travel time between the cities to just 30 minutes. Not only will this bring productivity improvements by way of decreased travel times but also the opportunity for regional stakeholders to get involved. This may be by way of the creation of HS3 or the future sustainability of the scheme and will likely secure a significant amount of jobs for those who are currently finding opportunities for work hard to come by.

Furthermore, the Government has also pledged to reduce Corporation Tax to 17% by 2020. Corporation Tax has already been cut from 28% to 20% in recent years making it currently the lowest within the G20. A further cut will surely make the UK one of the most globally competitive market places for businesses to locate. In doing so this will bring employment, growth and opportunity to the region. The signs are already there that such incentives are bringing new opportunities to the region. Science Central is currently under construction in the West-End of Newcastle City Centre boasting 24 acres of development aimed at promoting science and technology within the region. Newcastle already accommodates world leading science and technology initiatives including Campus North – a programme encouraging digital business start-ups, The Centre for Life – providing world-leading medical research, Siemens – employing thousands of jobs in the region supporting technology and rail development and two National leading universities – Northumbria and Newcastle Universities – creating some of the region’s future business leaders. The North of England has long been considered the home of ‘heavy industry’ however, the promotion of science and technology in the region may suggest the development of a new ‘white coat’ economy within the area. Science Central, and those other similar initiatives, are therefore a significant ‘thumbs-up’ for science and technology development within the region.

Many have suggested that the North is currently heavily sustained by contributions from European Regional Development Fund and without this the North will struggle to sustain growth in the future. Though it is a legitimate point of concern, there are signs that there are initiatives in the pipeline which seek to fill the void this may leave. One of the policies of the 2015 Conservative Government has been to promote the devolution of powers from central government to local authorities, so that resources may be best distributed by regional bodies who have a greater sense of know-how as to areas which most need it. The effects have already been felt in some areas across the North. The Greater Manchester Agreement has delivered not only its first mayoral election, to take place in 2017 but has also secured significant investment in the local economy. This has included a £300 million Housing Investment Fund, powers to share autonomy for health and social care, devolved business and support packages and a consolidated transport budget. Within the North East, similar initiative are already in their infancy such as the North East Combined Authority (NECA), a strategic authority with combined powers over the local economy, transport, development and regeneration. The NECA have recently published targets for securing initiatives in the area creating £400 million investment and 8000 further jobs.

Overall, despite the initial uncertainties which manifested out of the vote for Brexit, there are signs that the Northern Powerhouse will continue to grow and develop with new and exciting opportunities. There are also signs that the Northern economy is beginning to diversify into new industries a world apart from its traditional ‘heavy industry’ heritage. The signs are there that the ‘Fog on the Tyne’ may soon lift and with it reveal the new ‘Local Hero’.

Matt R

 

This post was written by Mathew Robinson. Mathew is a final year MLaw student at Northumbria University and has secured a training contract with Bond Dickinson for when he completes his studies which he is looking forward to. Mathew is a big Middlesbrough FC fan and in his free time can be found on the football pitches around Newcastle.

Sky’s the limit for OpenWorks!

This year has been particularly exciting for students Elena and Dan who have been lucky enough to work with a group of British engineers who are set to take the security and counter terrorism markets by storm.

OpenWorks Engineering Ltd, founded in July 2015, has invented a system that offers security operators a ground-breaking alternative way to defeat nefarious drones. The company has now presented the official launch of their SkyWall100 drone defence system at the 2016 Home Office Security and Policing event and we can expect to see the first SkyWall100 systems in use before the end of the year.

SkyWall100 Front Shot

Chris Down, Managing Director of OpenWorks, said:

“Authorities around the world have been looking for a system like this and we are proud to continue the tradition of British innovation in the security industry.”

Providing OpenWorks with free legal advice and documentation at such an important stage has been a unique opportunity for Elena and Dan to develop their legal skills. Working with Roland Wilkinson, OpenWorks’ Financial Director, Elena and Dan drafted terms of use, a cookies policy and a privacy policy for the company website, and advised on general corporate governance issues. The work has provided a thrilling insight into the issues facing young businesses and the latest developments in the technology and engineering sector.

Elena and Dan said:

“Working with OpenWorks was a wonderful experience. Not only did this allow us to develop our legal skills with a commercial client, but, importantly, we were able to spend time really getting to know the business. We were inspired by their innovative personality, ambitious aims and strategic future plans and we are excited to work with other young businesses in the future.”

Elena and Dan headshots

Dan and Elena in the Student Law Office

Roland Wilkinson, Financial Director of OpenWorks, said:

“As a young start up, OpenWorks Engineering was looking for some legal guidance on website policies. The Student Law Office took on the whole process, delivering complete policies ready to publish with minimal input from myself. Elena and Daniel were professional and knowledgeable with prompt updates throughout. For appropriate legal counsel, I would thoroughly recommend the Student Law Office.”

The Student Law Office would like to wish OpenWorks every success in the future and we look forward to following their progress with SkyWall100.

This blog post was written by Elena Cross and Dan Watson. Elena graduated from Northumbria University this summer. Elena has secured a training contract with Bond Dickinson LLP in Newcastle for September 2016 and is excited to get started! In the meantime, Elena will continue to work as a bridal consultant in a wedding dress shop and enjoys spending her free time cooking and socialising. Dan also graduated from Northumbria University this summer. He has aspirations to become a commercial lawyer and outside of work has passion for playing and watching sport.

Farewell from the 2015/16 firms!

It’s that time of year again where students who have been working in the Student Law Office begin to prepare for life after university. Following on from Abbie’s welcome post in November, it seems fitting to reflect on the work we have completed this year – and what a year it’s been!

Campus - CCE

We have been dealing with queries ranging from website policies, terms and conditions and intellectual property issues from many different clients including an engineering business, a sole trader service provider and even a university business clinic.

Our time in the Student Law Office has given us an exciting insight into commercial practice. We have also reflected on how our work may have long-lasting benefits for clients who are able to invest funds elsewhere and continue to progress in a thriving business community.

The experience has undoubtedly enhanced our career prospects by providing us with a year of unique practical legal experience and an increased level of commercial awareness.

On a personal note, we felt an amazing sense of achievement when we saw that our client has successfully implemented policies we had drafted onto their company website.

Below, some of our fellow students reflect on their experience and what they have enjoyed the most.

Robyn Heeran says:

“Throughout this year in the SLO I have really enjoyed the hands-on learning experience. Knowing that a client is depending on you to advise them on real life issues ASAP is really motivating and rewarding.”

Perri Byrne says:

“I have really enjoyed working with real clients, especially being given the responsibility to hand and manage their cases.”

As well as our client work we have been lucky enough to be involved in the Student Law Office in other exciting ways, including:

  • travelling to London to give intellectual property advice to a client;
  • leading our own firm meetings (this included playing Jenga and Pass the Parcel!);
  • networking at the Inspiring Entrepreneurs event;
  • receiving a visit from a member of the University of Strathclyde’s Law Clinic; and
  • raising an enormous amount of food for Newcastle West’s foodbank!

The experience has been truly unforgettable and the lessons learnt will stay with us throughout our professional lives. We hope that next year’s students and clients have an experience as enjoyable and rewarding as ours!

This blog post was written by Elena Cross and Dan Watson:

Elena and Dan


Elena is a final year MLaw student currently working in a business and commercial firm in the Student Law Office. Elena has secured a training contract with Bond Dickinson LLP in Newcastle for September 2016 and is excited to get started! In the meantime, Elena will continue to work as a bridal consultant in a wedding dress shop and enjoys spending her free time cooking and socialising.

Dan is a final year MLaw student who is currently advising commercial clients in the Student Law Office. He has aspirations to become a commercial lawyer and outside of work has passion for playing and watching sport.

 

How important is your business image?

Last month, food and drink giants Nestlè announced they had cancelled their sponsorship with the International Association of Athletics Federation (IAAF), due to fear that the recent corruption and doping scandals enveloping athletics would damage its public image. This begs the question: how important is your business image?

The importance of having a good image

In their statement Nestlè explicitly state that they wish to protect their image and reputation. This is with good reason as in 2014/15 they registered sales of CHF 91.6 billion and no doubt they would want this to continue to rise. With allegations of corruption and doping surrounding the IAAF, Nestlè would no doubt be dragged into this scandal and guilt by association would at some point take place.

A good image is vital for a business to survive. Having a good image and reputation means that you may not have to spend a significant amount of time persuading potential customers or business partners that your services are worthwhile.  This could result in your business being transformed from a small, unknown business to one of the most trusted businesses in your sector. Instead of spending money on trying to improve your image, your image and reputation will speak for itself.

What happens if your business does not have a good image?

Should your image start to falter, it is important to ask why. For instance, has your business just received a bad review for the services it provides? Or are you in partnership with a business that does not have a particularly good image itself? Whatever the cause suffice to say that the problem needs immediate attention. If your business does not have a good image or reputation it could lead to the Nestlè scenario: cancellation of a partnership contract. It is interesting to note that Nestlè was not the first to act. The IAAF’s biggest sponsor, Adidas, reportedly pulled out of their contract too.

How can your business obtain a good image?

The most popular way a business can obtain a good image is getting involved in charity events. Not only do businesses get involved but so do law firms. For example, Morrisons are now the sponsors of the Great North Run in Newcastle. By sponsoring a national event that so many people use to raise money for charity, Morrisons will improve their image not only in the public eye but in the corporate eye also. Having completed the run myself I would say it indeed works!

Law firms also like to engage in charity work. For example, Muckle LLP provided pro bono services to over 60 charities that would have cost over £100,000 so that they could do their bit to help the local community. There are other great examples of law firms being active when it comes to charity work. Sills and Betteridge choose a different charity each year and then help raise money for that particular charity by organising different events, such as a bake sale or participating in the Lincoln 10K. These events and services help the local community and show the public that the law firms are responsible businesses.

Chris MThis post was written by Chris Middleton. Chris is a final year MLaw student currently working in the business and commercial firm in the Student Law Office. On graduation Chris hopes to travel through Europe before securing a training contract or a paralegal job to start his law career. Outside of law Chris is a keen sportsman, with football and long distance running being his main disciplines within sport.