*/
As the summer melts away, and the red glow of the setting sun fuses into the reddening leaves of autumn, thoughts turn to preparation. Like farmers gathering the harvest to prepare for winter, at the Bar, holiday homes, villas and chateaus, apartments and cottages, beaches and festivals are left behind. And the matters of the Michaelmas term brought to the forefront of the mind to be readied.
But progress never stops. And the law never sleeps. And while the blissful break of the long hot summer was a welcome relief from wet weather days and spring showers, litigation has continued. What documents have been exchanged? What applications filed and served? While cocktails and mocktails of all kinds were consumed, what advancement in case management has been missed.
Thankfully, because Chambers has the most up-to-date case management systems, nothing.
And if your chambers does not have the most up-to-date case management system, and your clerks are currently chasing the poor paralegal who was the only person unable to have a holiday, then this article will prepare you for next year, as we consider the seven best case management systems on the market:
Please note that these are listed alphabetically and not ranked in order. Different case management software might be better or best depending upon on an individual’s practice and existing infrastructure. What is consistent, though, is that case management software properly applied can reduce the practical burden on barristers.
On 31 May 2023, Progress Software, a US-based software developer, reported to regulators that hackers had found a way to infiltrate its MOVEit transfer tool. MOVEit software is utilised to transfer sensitive data securely, and crucially was used by UK payroll company Zellis, who provide payroll services to, inter alia, the BBC, British Airways, Air Lingus and Boots. An update patch was immediately released by Progress Software. However, on 5 June 2023, the BBC reported that consumer and staff data at these four companies had been compromised as a result of the MOVEit hack. Brett Callow, an analyst at cybersecurity firm Emisisoft described this supply chain cyber-attack as: ‘Potentially one of the most significant breaches of recent years.’
And the warnings have been there:* Counsel may have been a little early with regard to threats in 2022, but recent articles have focused on the prevention of supply chain attacks. (See ‘Avoid supply chain cyber attack’, Counsel, December 2022 and ‘Your guide to the information security questionnaire’, Counsel, August 2022.)
If you are subject to a supply chain attack DON’T PANIC. Prevention is better than cure and the advice provided in previous articles remains good. However, if your chambers has failed to complete the Questionnaire, or arrange for staff training, and is now subject to a breach, the following three points may help:
Unusually in the case of the MOVEit hack, CLOP, the Russian speaking group allegedly responsible for the hack, asked those subject to the breach to contact them rather than sending out ransom demands. Charles Carmakal, Chief Technology Officer at Mandiant Consulting, suggested on CNN that this was because the speed and range of the breach was so great that CLOP was ‘overwhelmed’ and could not keep up to contact individual companies.
Whether or not you pay a ransom following a supply chain attack is ultimately a commercial decision. However, paying ransoms will encourage attacks. Further, the CLOP threat was for contact and payment before 14 June 2023 otherwise data would be published on the dark web. While publication is reputationally embarrassing, and may undermine individual’s security, visibility of information published on the dark web is, appropriately for nomenclature, poor. The extent to which data will actually be seen is limited.
While visibility of data published on the dark web is poor, utility is far more dazzling. Pieces of data on the dark web, coupled with phishing techniques and social engineering can be used in secondary attacks, and can be used for years to come.
Many people at the Bar will have flown BA or shopped at Boots, and the information gleaned from these companies can be used to generate emails, messages and notifications which look very real. Be wary! If you are being asked for information pause and consider whether the request is genuine. If there is any doubt seek verification from the individual or company requesting the information, ideally using a different device and/or medium from the one that you received contact.
Never provide your log-in details to another regardless of the apparent authority or authenticity of the request. Your log-in details are your details! Like the keys to your house or car, do not give these to someone unless you trust them implicitly not to ransack your house or crash your car.
Avoid clicking links on messages. Official messages relating to ‘resetting passwords’ or ‘scanning devices’ utilise the fear generated from a cyber-attack to gain information in a secondary attack.
The repercussions from the MOVEit hack will be felt for many years to come. The information is out there and hackers will seek to utilise the data. Thankfully, most systems now need multi-factorial authentication. But the data which has been captured and released as a result of the MOVEit hack will overcome some of these hurdles, and bring hackers closer to their goal. Efforts should be made to make it as difficult for them as possible.
As the summer melts away, and the red glow of the setting sun fuses into the reddening leaves of autumn, thoughts turn to preparation. Like farmers gathering the harvest to prepare for winter, at the Bar, holiday homes, villas and chateaus, apartments and cottages, beaches and festivals are left behind. And the matters of the Michaelmas term brought to the forefront of the mind to be readied.
But progress never stops. And the law never sleeps. And while the blissful break of the long hot summer was a welcome relief from wet weather days and spring showers, litigation has continued. What documents have been exchanged? What applications filed and served? While cocktails and mocktails of all kinds were consumed, what advancement in case management has been missed.
Thankfully, because Chambers has the most up-to-date case management systems, nothing.
And if your chambers does not have the most up-to-date case management system, and your clerks are currently chasing the poor paralegal who was the only person unable to have a holiday, then this article will prepare you for next year, as we consider the seven best case management systems on the market:
Please note that these are listed alphabetically and not ranked in order. Different case management software might be better or best depending upon on an individual’s practice and existing infrastructure. What is consistent, though, is that case management software properly applied can reduce the practical burden on barristers.
On 31 May 2023, Progress Software, a US-based software developer, reported to regulators that hackers had found a way to infiltrate its MOVEit transfer tool. MOVEit software is utilised to transfer sensitive data securely, and crucially was used by UK payroll company Zellis, who provide payroll services to, inter alia, the BBC, British Airways, Air Lingus and Boots. An update patch was immediately released by Progress Software. However, on 5 June 2023, the BBC reported that consumer and staff data at these four companies had been compromised as a result of the MOVEit hack. Brett Callow, an analyst at cybersecurity firm Emisisoft described this supply chain cyber-attack as: ‘Potentially one of the most significant breaches of recent years.’
And the warnings have been there:* Counsel may have been a little early with regard to threats in 2022, but recent articles have focused on the prevention of supply chain attacks. (See ‘Avoid supply chain cyber attack’, Counsel, December 2022 and ‘Your guide to the information security questionnaire’, Counsel, August 2022.)
If you are subject to a supply chain attack DON’T PANIC. Prevention is better than cure and the advice provided in previous articles remains good. However, if your chambers has failed to complete the Questionnaire, or arrange for staff training, and is now subject to a breach, the following three points may help:
Unusually in the case of the MOVEit hack, CLOP, the Russian speaking group allegedly responsible for the hack, asked those subject to the breach to contact them rather than sending out ransom demands. Charles Carmakal, Chief Technology Officer at Mandiant Consulting, suggested on CNN that this was because the speed and range of the breach was so great that CLOP was ‘overwhelmed’ and could not keep up to contact individual companies.
Whether or not you pay a ransom following a supply chain attack is ultimately a commercial decision. However, paying ransoms will encourage attacks. Further, the CLOP threat was for contact and payment before 14 June 2023 otherwise data would be published on the dark web. While publication is reputationally embarrassing, and may undermine individual’s security, visibility of information published on the dark web is, appropriately for nomenclature, poor. The extent to which data will actually be seen is limited.
While visibility of data published on the dark web is poor, utility is far more dazzling. Pieces of data on the dark web, coupled with phishing techniques and social engineering can be used in secondary attacks, and can be used for years to come.
Many people at the Bar will have flown BA or shopped at Boots, and the information gleaned from these companies can be used to generate emails, messages and notifications which look very real. Be wary! If you are being asked for information pause and consider whether the request is genuine. If there is any doubt seek verification from the individual or company requesting the information, ideally using a different device and/or medium from the one that you received contact.
Never provide your log-in details to another regardless of the apparent authority or authenticity of the request. Your log-in details are your details! Like the keys to your house or car, do not give these to someone unless you trust them implicitly not to ransack your house or crash your car.
Avoid clicking links on messages. Official messages relating to ‘resetting passwords’ or ‘scanning devices’ utilise the fear generated from a cyber-attack to gain information in a secondary attack.
The repercussions from the MOVEit hack will be felt for many years to come. The information is out there and hackers will seek to utilise the data. Thankfully, most systems now need multi-factorial authentication. But the data which has been captured and released as a result of the MOVEit hack will overcome some of these hurdles, and bring hackers closer to their goal. Efforts should be made to make it as difficult for them as possible.
Sam Townend KC explains the Bar Council’s efforts towards ensuring a bright future for the profession
Giovanni D’Avola explores the issue of over-citation of unreported cases and the ‘added value’ elements of a law report
Louise Crush explores the key points and opportunities for tax efficiency
Westgate Wealth Management Ltd is a Partner Practice of FTSE 100 company St. James’s Place – one of the top UK Wealth Management firms. We offer a holistic service of distinct quality, integrity, and excellence with the aim to build a professional and valuable relationship with our clients, helping to provide them with security now, prosperity in the future and the highest standard of service in all of our dealings.
Is now the time to review your financial position, having reached a career milestone? asks Louise Crush
If you were to host a dinner party with 10 guests, and you asked them to explain what financial planning is and how it differs to financial advice, you’d receive 10 different answers. The variety of answers highlights the ongoing need to clarify and promote the value of financial planning.
Most of us like to think we would risk our career in order to meet our ethical obligations, so why have so many lawyers failed to hold the line? asks Flora Page
If your current practice environment is bringing you down, seek a new one. However daunting the change, it will be worth it, says Anon Barrister
Creating advocacy opportunities for juniors is now the expectation but not always easy to put into effect. Tom Mitcheson KC distils developing best practice from the Patents Court initiative already bearing fruit
National courts are now running the bulk of the world’s war crimes cases and corporate prosecutions are part of this growing trend, reports Chris Stephen
Let’s hear it for the assessors, says Dame Anne Rafferty of the KC Selection Panel. And to make silk assessors’ lives a little easier when applicants come calling in May, Dame Anne fields some commonly asked questions