
Defense
Defense!?
Criminal defense law firm Tuckers Solicitors is facing a fine from the UK's data watchdog for failing to properly secure data that included information on case proceedings which was scooped up in a ransomware attack in 2020. The London-based business was handed a £98,000 penalty notice by the Information Commissioner's Office …
I mean, it'd be a rare thing if a firm swimming in dosh like a prominent law firm did all their own IT, even if they had in-house architects, PMs and BAs.
I onboarded several when I was working for an MSP. They're absolutely the worst customers, as they can run rings around you during MSA contract negotiation and management unless you retain your own top-tier shysters, and no-one can price that in.
Which all means that any losses they've made will be aggressively recovered from the MSP. One of those situations where it's comforting to contemplate both sides losing.
"I mean, it'd be a rare thing if a firm swimming in dosh like a prominent law firm did all their own IT,"
"Predominantly Legal Aid". That means they are NOT swimming in dosh. For non-UK readers, Legal Aid is where the state pay for your legal representation if you meet the standards of not being able to afford it yourself.
A law firm got penalized - not jailed or flogged, but it's a start.
OTOH, how many here have not yet applied patches because they are still testing them? How many here are running old software for compatibility reasons?
Now, how many here would like the Information Commissioner's Office to second guess you?
IANAL nor a commissioner, but I strongly suspect that if you have the patch on a test system and a notebook or log or mjnute or SOP indicating you are testing it, any criticism would be much more muted than in this case.
For a reasonable duration of testing.