Anderson Strathern and Burness Paull join the specialised Incident Response Cadre, along with four new IT/security firms which join the existing two in the network. The cadre’s role is to provide immediate support to businesses which have experienced a cyber-attack, with the two new law firms helping to mitigate the legal impact of such incidents.

Douglas McLachlan, who leads Anderson Strathern’s data & technology team and is certified by the Law Society of Scotland as a specialist in cyber security, said: “My team has seen first-hand how cybercrime is becoming more regular, and criminals more technologically savvy, and through joining Cyber and Fraud Centre’s Incident Response Cadre, we will be able to help even more organisations deal with the aftermath of these incidents.

“As members of the centre’s Incident Response Cadre, we will be able to provide a lifeline to those needing immediate legal guidance, as well as a clear assessment of the extent of the breach, help with mitigating the impact on not just the business but to suppliers and customers as well as helping businesses and individuals to minimise potential legal liabilities, such as Information commissioner fines or the risk of litigation”.

Hazel Moffatt, partner at Burness Paull, commented: “Data breaches and cyber-attacks are increasing in frequency and scale and should be high on the risk register of all Scottish organisations. As part of the Cyber Fraud Centre Incident Response Cadre, Burness Paull stands ready to provide practical and tailored legal advice, using our extensive experience to support organisations in responding to and mitigating the effects of, cyber security incident”.

The Incident Response helpline, run by the centre in conjunction with the Scottish government and Police Scotland and aimed at helping SMEs and the third sector to access resources after a cyber-attack, last week reached a record 300 calls since its inception in 2020, reflecting the regularity with which businesses are finding themselves victims of an attack. To manage the effects of such an event, the centre has urged organisations to avoid complacency by ensuring that they have a reliable Incident Response Plan in place and testing it regularly, as well as knowing where to access useful resources.

Jude McCorry, CEO of Cyber and Fraud Centre – Scotland, said: “As levels of cybercrime and fraud in Scotland reach new heights, it has never been more important for organisations to prepare for the possibility of being targeted.

“We provide a variety of resources to assist after a cyber-attack, including the provision of the Incident Response helpline, and the addition of two legal firms and four IT and security firms to our dedicated cadre will help us to extend our support even further. However, organisations must also ensure that they are equipped to respond immediately to cybercrime - having a well-tested plan in place is the most effective way to do this. We would encourage organisations to have an incident response partner in place as part of their incident response plan. All of our partners are happy to have that conversation and assist companies now, rather than waiting for an attack to happen.”