Frequently Asked Questions

 
Hero Banner PEXA.jpg

Our course:

focusses on the human factors that increase your business’s exposure, and contains essential cyber risk education in language that participants can understand.

The online format is ideal while working remotely and during COVID-19 restrictions.

What are the key course outcomes?

Our course challenges common assumptions that can prevent you and your employees from taking the steps necessary to protect your business from cyber events and email fraud. Assumptions like:

  • We’re too small (or big) to be a target

  • You need to be a target to be a victim

  • Managing cyber risk is something I can leave to an IT department or consultant

  • I’m too senior/too junior for this to involve me personally

Through our CPD-eligible course you and your team will learn:

  • Managing cyber risk is a professional issue

  • Why cyber risk is everyone’s responsibility

  • How cyber events and human error occur

  • Practical steps to protect yourself, your business and your clients

 

Be sure to jump down to the bottom and read feedback on our online courses

 

Who is Law & Cyber?

Law & Cyber is committed to protecting Australians from cybercrime through education, legal advice and consultancy services.

To date nearly 3,500 business professionals have completed our online training customised to meet their business needs.

Our first online course Cyber Risk for Law Firms was launched in collaboration with LPLC in March 2020. LPLC, the professional indemnity insurer for Victorian legal practices and Australia’s largest law firms, recommended that every employee at each of its insured law practices complete our course.

Since then our courses Cyber Risk for Law Firms, Cyber Risk for Conveyancers, Cyber Risk in the Property Industry and Cyber Risk in the Built Environment have also been licenced or recommended by PEXA,  the Australian Institute of Conveyancers (NSW, Victoria, and Western Australia), and Pointsbuild.

L&C was founded by Simone Herbert-Lowe, who brings to our training programs deep experience in legal and professional risk, cyber risk management and education, professional liability and insurance. Find out more about our expertise and experience here.

How is this course different to generic cyber training?

Our course goes deeper than generic cyber awareness training. You will learn how to identify and protect yourself, and your business, against common cyber threats and attacks, particularly as these relate to your own profession or industry. You’ll gain an understanding of principles and policies, commonly used authentication techniques, cyber security fundamentals and recognising signs of email-enabled fraud. The course provides practical ways to ensure safe working online and how to identify cyber security incident and business email compromise.

We discuss real life case studies and relatable hypotheticals to drive home the impact and legal consequences that cyber events can have on businesses, their customers and the community.

What is the guiding philosophy behind the training?

At L&C we believe that real life stories that are directly relevant and impactful for the audience, rather than “tick and flick” compliance videos, are the most persuasive way to achieve genuine and long-lasting behavioural change.

More than 90% of cyber attacks are launched via an email. COVID-19 has unfortunately led to increased risk through less face-to-face-interaction, greater reliance on email and increased distraction which all present opportunities for scammers and hackers. While education is vital, a key issue for businesses is to challenge common assumptions such as “my business is too small to be a target” or “my business is safe because we use anti-virus software” or “this would never happen to me”.

For behavioural change to occur, education needs to be practical, engaging and compelling. The more relevant, contextual and industry-specific the training scenarios, the more participants will understand "this could actually happen to me". Our course presents accounts of both individuals and businesses impacted by cyber events and outlines the consequences and legal issues that arise for the business.

A key aspect of the training is building awareness about the prevalence of cybercrime globally and how property practitioners are particularly exposed to actions for breach of trust, negligence and breach of confidentiality when compared to most other businesses.

How is the content tailored to the property industry?

Compared to other businesses, professionals in property transactions manage extremely large amounts of money and are under strict legal and professional duties, meaning that specialised training is essential.

These legal and professional duties include:

  • Duties of care

  • Trustees’ duties

  • Contractual duties and regulatory compliance including with ARNECC’s Model Participation Rules; and 

  • Professional duties

These obligations amplify the risk for property practitioners, including the risk of uninsured losses, and personal and professional risk exposures.

Your staff will learn about risks relating to cybercrime, information security and human error in the context of their unique legal and professional obligations.

For example, a significant risk for professional trustees comes from email-enabled impersonation fraud which may not involve any email account compromise. Our course explains how to recognise this type of fraud, and processes that can be incorporated to prevent you and your business becoming a statistic – or, even worse, a headline - using real life examples that have impacted other professionals.  

Did you know that actions for breach of trust of trust and breach of fiduciary duty are excluded from protection under limited liability schemes? This means that you and your business could face a very significant uninsured exposure in the event any person in your team falls for an email scam involving monies held in trust. This is most likely to come from a highly targeted email communication, rather than a generic phishing email sent in an email blast to thousands of people.

Read our article Eight Reasons Why Cyber Threats Are Now A Key Risk For Property Practitioners for more insights.

Our team has already done cyber awareness training, and I’m conscious of the time and expense of doing more. Why should I pay for this?

According to Cybersecurity Ventures, cybercrime will lead to the biggest transfer of wealth in human history. Cybercrime is increasing every day and experts agree it is important not only to complete training, but to continually refresh and update existing knowledge so that it remains front of mind.

Costs of a cyber incident to a business, its employees and owners can include:

  • Serious reputational damage

  • Damage to clients and client relationships

  • Payment redirection fraud

  • Loss of data or even all your business records

  • Exposure of confidential information

  • Uninsured losses

  • Losses that are uncapped by limited liability schemes, which do not cover actions for breach of trust or breach of fiduciary duty.

The potential for law suits as a result of cyber breaches will only escalate, and plaintiffs’ lawyers will closely scrutinise steps taken by businesses to educate staff about this growing area of risk. Our course has been written by an expert in legal and professional duties and is designed to cover the key areas where cyber risk, and business and professional risk intersect.

Increased regulation for company directors, managers and businesses who do not take adequate steps to ensure cybersecurity in the business all mean that cybersecurity awareness needs to be addressed in a holistic and meaningful way rather than a compliance-only based approach.

Is the course suitable for large businesses?

The course is practical, relatable, engaging and current, and includes real life case studies and hypotheticals that explain the legal implications of cyber breaches which will resonate for every member of your team.

It’s why some of Australia’s leading law firms have made our courses compulsory for all their employees.

As lawyers we need to understand the risks and impacts involved in cyberattacks both for our own cyber security and that of our clients. This course has provided us with practical, relatable and valuable information to enhance the knowledge of both our professional and support teams. We required every member of our teams nationwide complete this excellent course.

— Geoffrey Connellan –

National Managing Partner, Moray & Agnew Lawyers
Course: Cyber Risk for Law Firms

Does the course address ARNECC-mandated cyber awareness areas?

Since April 2021 cyber security awareness training has become mandatory for all users of an Electronic Lodgement Network. Our course has been endorsed by PEXA, Australia’s leading lodgement and settlement platform for property transactions.

The course includes:

  • Information about ARNECC’s Model Participation Rule 7.2.1 that now requires cyber security awareness training for all staff

  • Examples involving property practitioners and the legal implications of those events

  • Up to the minute information about cybercrime globally and in Australia.

The course has been designed to address the areas that both L&C and PEXA believe to be the most important cyber security essentials for property professionals.

Please note that presently there is no formal accreditation body designed to supervise compliance with the requirements under Model Participation Rule 7.2.1. ARNECC has expressed the view the Electronic Lodgement Networks are best placed to determine relevant content.

L&C is proud to be the only external training provider selected by PEXA to offer cyber security awareness training to its subscribers and users.

What feedback have you received from participants and clients?

Nearly 3,500 business professionals have now completed our online courses and more than 2,550 people have completed our course satisfaction survey. To summarise:

99% of participants agreed the course increased their understanding of cyber risk.
95% of participants liked the way the course was structured.
92% of participants found the course content appropriate for their needs.
89% of participants said they would recommend our course to others.

Feedback received demonstrates the value participants find in our course structure, content and approach.

Is the course suitable for large or small business?

The short answer - both. Our courses are practical, relatable, engaging and current. They include real life case studies across small, medium and large enterprises, with hypotheticals that explain the legal implications of cyber breaches. Furthermore, these case studies are suitable and relatable for every member of your team across your whole business.

Our clients have included businesses of all sizes from solo operators to large national law firms.

Are bulk purchases available for firms wanting to enrol multiple staff?

Yes. Instead of individual payments we can send you a tax invoice covering multiple enrolments and provide a link to you so that all your team can enrol seamlessly.

Are discounts available for multiple enrolments?

Discounts for more than 20 enrolments are available on request. 

Pricing may depend on the number of participants and your preferred level of reporting. Contact us here for further details.

Can the course be customised to incorporate our branding and other content?

Absolutely! Your business’s branding and colour palette can be incorporated on the course chapter pages and slides, which you might find of value if you intend on sharing the course with your clients.  

We can also upload relevant documents you wish to include for staff or expand or edit the course.

Separate pricing may apply depending on the level of customisation requested.

Is it possible to upload the course to our firm’s learning management system?

Yes. Available options include:

  • Enrolments using a unique link to our course platform

  • Including a link to our course on your LMS, enabling you to keep your own attendance records

  • Sharing our files for uploading to your own LMS

Sharing files requires a formal licence agreement which is available on request.

I would like to make the course mandatory for all our employees – are you able provide reports confirming which staff members have completed the course?

Yes. Other businesses have also made our course mandatory for all employees and we can provide you with weekly reports to facilitate your compliance needs.

Our standard pricing includes:

  • A report on enrolments and successful completions after the first week, to confirm all aspects of user experience are working well

  • A monthly report on enrolments and successful completions.

Additional reporting and student follow ups are available on request (an additional fee may apply).

Do you offer live training as an alternative to the online course?

Absolutely! We have presented to a wide range of law societies, other lawyers’ associations, real estate institutes, conveyancing associations, law firms, community legal centres and commercial CPD providers.

Access more information here.

 

Testimonials

What our participants have said about our online courses

 
Featured
Structure Feedback, From Employees
"This was a very well presented course and set out things in a way that was easy to understand. I will be recommending it to my colleagues."
Structure Feedback, From Employees
Structure Feedback, From Employees
Structure Feedback
"Best one on one virtual course, beauty is that I could go over it again if I missed something I didn't get first time."
Structure Feedback
Structure Feedback
Structure Feedback
"The use of real cases to explain concepts and drive home the importance of cyber security were helpful and well placed."
Structure Feedback
Structure Feedback
Structure Feedback
"Very easy to navigate through tabs and breaking down the course allows people to digest the information before moving onto the next section."
Structure Feedback
Structure Feedback
Structure Feedback
"This is a valuable resource - well structured, well presented with great case studies - well done!"
Structure Feedback
Structure Feedback
Content Feedback, Structure Feedback
"I liked the way the course was broken up into short chapters with quizzes. I also like that I could watch it on my iPhone."
Content Feedback, Structure Feedback
Content Feedback, Structure Feedback
From Employees
"I believe all employees should look at this programme."
From Employees
From Employees
From Employees
"Straight forward delivery about a complex subject. Really motivated me to make some changes in how I operate."
From Employees
From Employees
From Employees
"I liked the use of law firm examples. I also liked the simple language used to describe each cybercrime."
From Employees
From Employees
From Employees
"Loved the recent real life examples. I have an IT background and have realised I was being a little complacent in some areas. I will definitely be implementing some changes in my organisation."
From Employees
From Employees
From Business Owners
"It would be good to provide this course on a regular basis say every 6 months so that practitioners can be kept up to date with developments in this area."
From Business Owners
From Business Owners
From Business Owners
"I found the presentation most excellent. It conveyed just how real the risk of cyber attack has become and how no business (or individual) can safely assume that it is unlikely to be affected."
From Business Owners
From Business Owners
From Business Owners
"I will be taking out Cyber Insurance now. My IT Company are excellent but this course has showed me that as a business owner that is NOT enough!"
From Business Owners
From Business Owners
Content Feedback, Structure Feedback
"The video, images and quizzes were simple and not too detailed which made it easy to understand and watch, thank you!"
Content Feedback, Structure Feedback
Content Feedback, Structure Feedback
Content Feedback
"This was an excellent course - extremely engaging (so very easy to go through in one sitting) and very usefully informative."
Content Feedback
Content Feedback
Content Feedback
"I particularly liked your focus on human error, and the highlighting that the fight against cybercrime is the responsibility of every person ... not just the IT Dept."
Content Feedback
Content Feedback
Content Feedback, From Business Owners
"Excellent presentation and valuable information particularly for a sole practitioner like myself."
Content Feedback, From Business Owners
Content Feedback, From Business Owners
Content Feedback
"Very well structured. Raised issues and solutions without being overly technical."
Content Feedback
Content Feedback
Content Feedback
"As a member of support staff, it was an excellent course and should be mandatory for all law firm employees."
Content Feedback
Content Feedback