Reporting an issue

Reporting an attack, even when unsuccessful, is one of the best ways to reduce exposure to cybercrime. Once you suffer a successful attack, regulatory obligations may apply.

Unsuccessful attacks: let’s protect each other

Sharing knowledge and awareness helps to defend against cybercrime and mitigate its effects. The Law Society urges everyone in the profession to report both successful, as well as unsuccessful attacks, as this can highlight latest trends and help to protect everyone. If you report an unsuccessful attack that helps your colleague tomorrow, then the next day she may report one that may save you.

Members can report an issue anonymously to the Society. Where a new threat is revealed by a report, the Society will share this vital information with the profession and, depending on the case, may issue relevant information on prevention measures.

Successful attacks: reporting requirements

If you have suffered a successful attack, you should consider who you should notify, under applicable law. Examples might include:

  • your client,

  • your cybersecurity advisor,

  • your financial institution,

  • your insurance company,

  • the Law Society,

  • external regulators, depending on the case (e.g., Data Protection Commission), or

  • An Garda Síochána.

It may be advisable for you to seek your own legal advice concerning the above.