Frequently Asked Questions

 
Hero Banner PEXA.jpg

Our course:

focusses on the human factors that increase your business’s exposure, and contains essential cyber risk education in language that participants can understand.

The online format is ideal while working remotely and during COVID-19 restrictions.

What are the key course outcomes?

Our course challenges common assumptions that can prevent you and your employees from taking the steps necessary to protect your business from cyber events and email fraud. Assumptions like:

  • We’re too small (or big) to be a target

  • You need to be a target to be a victim

  • Managing cyber risk is something I can leave to an IT department or consultant

  • I’m too senior/too junior for this to involve me personally

Through our CPD-eligible course you and your team will learn:

  • Managing cyber risk is a professional issue

  • Why cyber risk is everyone’s responsibility

  • How cyber events and human error occur

  • Practical steps to protect yourself, your business and your clients

 

Be sure to jump down to the bottom and read feedback on our online courses

 

Who is Law & Cyber?

Law & Cyber is committed to protecting Australians from cybercrime through education, legal advice and consultancy services.

To date nearly 3,500 business professionals have completed our online training customised to meet their business needs.

Our first online course Cyber Risk for Law Firms was launched in collaboration with LPLC in March 2020. LPLC, the professional indemnity insurer for Victorian legal practices and Australia’s largest law firms, recommended that every employee at each of its insured law practices complete our course.

Since then our courses Cyber Risk for Law Firms, Cyber Risk for Conveyancers, Cyber Risk in the Property Industry and Cyber Risk in the Built Environment have also been licenced or recommended by PEXA,  the Australian Institute of Conveyancers (NSW, Victoria, and Western Australia), and Pointsbuild.

L&C was founded by Simone Herbert-Lowe, who brings to our training programs deep experience in legal and professional risk, cyber risk management and education, professional liability and insurance. Find out more about our expertise and experience here.


How is this course different to generic cyber training?

Our course goes deeper than generic cyber awareness training. You will learn how to identify and protect yourself, and your business, against common cyber threats and attacks, particularly as these relate to your own profession or industry. You’ll gain an understanding of principles and policies, commonly used authentication techniques, cyber security fundamentals and recognising signs of email-enabled fraud. The course provides practical ways to ensure safe working online and how to identify cyber security incident and business email compromise.

We discuss real life case studies and relatable hypotheticals to drive home the impact and legal consequences that cyber events can have on businesses, their customers and the community.


What is the guiding philosophy behind the training?

At L&C we believe that real life stories that are directly relevant and impactful for the audience, rather than “tick and flick” compliance videos, are the most persuasive way to achieve genuine and long-lasting behavioural change.

More than 90% of cyber attacks are launched via an email. COVID-19 has unfortunately led to increased risk through less face-to-face-interaction, greater reliance on email and increased distraction which all present opportunities for scammers and hackers. While education is vital, a key issue for businesses is to challenge common assumptions such as “my business is too small to be a target” or “my business is safe because we use anti-virus software” or “this would never happen to me”.

For behavioural change to occur, education needs to be practical, engaging and compelling. The more relevant, contextual and industry-specific the training scenarios, the more participants will understand "this could actually happen to me". Our course presents accounts of both individuals and businesses impacted by cyber events and outlines the consequences and legal issues that arise for the business.

A key aspect of the training is building awareness about the prevalence of cybercrime globally and how property practitioners are particularly exposed to actions for breach of trust, negligence and breach of confidentiality when compared to most other businesses.


How is the content tailored to the property industry?

Compared to other businesses, professionals in property transactions manage extremely large amounts of money and are under strict legal and professional duties, meaning that specialised training is essential.

These legal and professional duties include:

  • Duties of care

  • Trustees’ duties

  • Contractual duties and regulatory compliance including with ARNECC’s Model Participation Rules; and 

  • Professional duties

These obligations amplify the risk for property practitioners, including the risk of uninsured losses, and personal and professional risk exposures.

Your staff will learn about risks relating to cybercrime, information security and human error in the context of their unique legal and professional obligations.

For example, a significant risk for professional trustees comes from email-enabled impersonation fraud which may not involve any email account compromise. Our course explains how to recognise this type of fraud, and processes that can be incorporated to prevent you and your business becoming a statistic – or, even worse, a headline - using real life examples that have impacted other professionals.  

Did you know that actions for breach of trust of trust and breach of fiduciary duty are excluded from protection under limited liability schemes? This means that you and your business could face a very significant uninsured exposure in the event any person in your team falls for an email scam involving monies held in trust. This is most likely to come from a highly targeted email communication, rather than a generic phishing email sent in an email blast to thousands of people.

Read our article Eight Reasons Why Cyber Threats Are Now A Key Risk For Property Practitioners for more insights.


Our team has already done cyber awareness training, and I’m conscious of the time and expense of doing more. Why should I pay for this?

According to Cybersecurity Ventures, cybercrime will lead to the biggest transfer of wealth in human history. Cybercrime is increasing every day and experts agree it is important not only to complete training, but to continually refresh and update existing knowledge so that it remains front of mind.

Costs of a cyber incident to a business, its employees and owners can include:

  • Serious reputational damage

  • Damage to clients and client relationships

  • Payment redirection fraud

  • Loss of data or even all your business records

  • Exposure of confidential information

  • Uninsured losses

  • Losses that are uncapped by limited liability schemes, which do not cover actions for breach of trust or breach of fiduciary duty.

The potential for law suits as a result of cyber breaches will only escalate, and plaintiffs’ lawyers will closely scrutinise steps taken by businesses to educate staff about this growing area of risk. Our course has been written by an expert in legal and professional duties and is designed to cover the key areas where cyber risk, and business and professional risk intersect.

Increased regulation for company directors, managers and businesses who do not take adequate steps to ensure cybersecurity in the business all mean that cybersecurity awareness needs to be addressed in a holistic and meaningful way rather than a compliance-only based approach.


Is the course suitable for large businesses?

The course is practical, relatable, engaging and current, and includes real life case studies and hypotheticals that explain the legal implications of cyber breaches which will resonate for every member of your team.

It’s why some of Australia’s leading law firms have made our courses compulsory for all their employees.

As lawyers we need to understand the risks and impacts involved in cyberattacks both for our own cyber security and that of our clients. This course has provided us with practical, relatable and valuable information to enhance the knowledge of both our professional and support teams. We required every member of our teams nationwide complete this excellent course.

— Geoffrey Connellan –

National Managing Partner, Moray & Agnew Lawyers
Course: Cyber Risk for Law Firms


Does the course address ARNECC-mandated cyber awareness areas?

Since April 2021 cyber security awareness training has become mandatory for all users of an Electronic Lodgement Network. Our course has been endorsed by PEXA, Australia’s leading lodgement and settlement platform for property transactions.

The course includes:

  • Information about ARNECC’s Model Participation Rule 7.2.1 that now requires cyber security awareness training for all staff

  • Examples involving property practitioners and the legal implications of those events

  • Up to the minute information about cybercrime globally and in Australia.

The course has been designed to address the areas that both L&C and PEXA believe to be the most important cyber security essentials for property professionals.

Please note that presently there is no formal accreditation body designed to supervise compliance with the requirements under Model Participation Rule 7.2.1. ARNECC has expressed the view the Electronic Lodgement Networks are best placed to determine relevant content.

L&C is proud to be the only external training provider selected by PEXA to offer cyber security awareness training to its subscribers and users.


What feedback have you received from participants and clients?

Nearly 3,500 business professionals have now completed our online courses and more than 2,550 people have completed our course satisfaction survey. To summarise:

99% of participants agreed the course increased their understanding of cyber risk.
95% of participants liked the way the course was structured.
92% of participants found the course content appropriate for their needs.
89% of participants said they would recommend our course to others.

Feedback received demonstrates the value participants find in our course structure, content and approach.


Is the course suitable for large or small business?

The short answer - both. Our courses are practical, relatable, engaging and current. They include real life case studies across small, medium and large enterprises, with hypotheticals that explain the legal implications of cyber breaches. Furthermore, these case studies are suitable and relatable for every member of your team across your whole business.

Our clients have included businesses of all sizes from solo operators to large national law firms.


Are bulk purchases available for firms wanting to enrol multiple staff?

Yes. Instead of individual payments we can send you a tax invoice covering multiple enrolments and provide a link to you so that all your team can enrol seamlessly.


Are discounts available for multiple enrolments?

Discounts for more than 20 enrolments are available on request. 

Pricing may depend on the number of participants and your preferred level of reporting. Contact us here for further details.


Can the course be customised to incorporate our branding and other content?

Absolutely! Your business’s branding and colour palette can be incorporated on the course chapter pages and slides, which you might find of value if you intend on sharing the course with your clients.  

We can also upload relevant documents you wish to include for staff or expand or edit the course.

Separate pricing may apply depending on the level of customisation requested.


Is it possible to upload the course to our firm’s learning management system?

Yes. Available options include:

  • Enrolments using a unique link to our course platform

  • Including a link to our course on your LMS, enabling you to keep your own attendance records

  • Sharing our files for uploading to your own LMS

Sharing files requires a formal licence agreement which is available on request.


I would like to make the course mandatory for all our employees – are you able provide reports confirming which staff members have completed the course?

Yes. Other businesses have also made our course mandatory for all employees and we can provide you with weekly reports to facilitate your compliance needs.

Our standard pricing includes:

  • A report on enrolments and successful completions after the first week, to confirm all aspects of user experience are working well

  • A monthly report on enrolments and successful completions.

Additional reporting and student follow ups are available on request (an additional fee may apply).


Do you offer live training as an alternative to the online course?

Absolutely! We have presented to a wide range of law societies, other lawyers’ associations, real estate institutes, conveyancing associations, law firms, community legal centres and commercial CPD providers.

Access more information here.


 

Testimonials

What our participants have said about our online courses