The Bar Council and the Law Society have updated the cybersecurity questionnaire designed to help law firms better assess the cybersecurity arrangements of the chambers and barristers they instruct.

In response to feedback from users, the new version includes considerations on disaster recovery, business continuity and incident management, as well as data and device management.

Protection against phishing, identifying vulnerabilities and penetration testing are also emphasised in response to ongoing cybersecurity developments.

Nick Emmerson, president of the Law Society of England and Wales, said: "Law firms and chambers are targets for the ever-growing threats from cyber criminals.

"We know that no one tool can offer complete protection against cyber threats but this updated questionnaire will help reassure clients that data is kept as secure as possible. Firms will need to continue to take other precautions, but the development of the questionnaire is an important step in the right direction.”

Sam Townend KC, Chair of the Bar Council, said: “Keeping client information safe is of paramount concern to barristers and chambers. Since it was launched two years ago, the cybersecurity questionnaire has provided a useful tool to help protect against the threat of cyberattacks in a proportionate way.

"Through joint work with the Law Society we are making sure that this tool keeps pace with developments in cybersecurity and responds to the feedback from our members.”

A new voluntary cyber and information security affirmation has been published alongside the questionnaire to be used by barristers and instructing solicitors to set out their specific and individual roles and responsibilities in relation to data handling and processing.

The voluntary affirmation is not contractually or legally binding but provides a useful and timely reminder of the importance of cybersecurity and information management for the legal profession.

Download the questionnaire and voluntary affirmation from the Bar Council and Law Society websites.