Skip to Content

The Victorian Legal Services Board and Commissioner (VLSB+C) are independent statutory authorities responsible for the regulation of the legal profession in Victoria. 

Our Service Charter is our commitment to you.  

It summarises our role and function, how you can expect us to treat you, and what we need from you.  

Last updated on
Blue graphical design

New study invites lawyers to share their views on wellbeing and workplace culture

The study is being led by researchers from the Australian National University and the University of Melbourne, with support from the VLSB+C and key legal regulatory bodies in New South Wales and Western Australia.

Publication

Cybersecurity Red Flags and Good Practices

Guidance for lawyers

Publication

Minimum Cybersecurity Expectations

Guidance for law practices

Minimum Cybersecurity Expectations

To help law practices protect their clients’ data and meet their legal and ethical obligations, the following tables set out minimum cybersecurity expectations. They also list examples of unacceptable cybersecurity practices that we consider capable of amounting to unsatisfactory professional conduct (UPC) or professional misconduct (PM).

Law practice principals should use the tables below as a guide to the basic system and behavioural controls you need to implement. This includes the critical system controls without which your practice is most vulnerable. If there are any critical controls that you are yet to implement, these should be your highest priority.

System controls and behavioural controls are two types of cybersecurity measures to protect information systems and data:

  • System controls encompass the technical safeguards implemented within an organisation's information systems to protect against external threats and vulnerabilities.
  • Behavioural controls focus on influencing and regulating human behaviour to minimise security risks.

Both types of controls work together to protect your law practice from any potential security threats. Many of them will be straightforward for individuals to implement (e.g. turning on automatic software updates). However, you also need to consider whether your practice requires additional security measures, based on its size and capability, the type of work you perform, and the nature and location of your clients.

If you require support or guidance to understand and implement these controls, or to determine which additional controls are right for your practice, we recommend engaging an IT security consultant. Your professional association may also be able to assist you. Community legal centres can contact the Federation of Community Legal Centres for further support.

Last updated on

Cybersecurity

Last updated on

Why cybersecurity matters and what you need to do

Cybercrime is a major risk for law practices of all sizes. The large sums of money and sensitive information entrusted to law practices make them targets for hackers and cybercriminals.

Implementing strong cybersecurity protocols and good practices is an essential and expected part of competent practice management. Principals play a crucial role in both implementing these measures, and ensuring that all staff not only understand but also consistently adhere to them.

Failing to protect against targeted and opportunistic cyberattacks can have serious consequences. Your practice, clients, other parties you do business with, and even the wider legal system may be impacted.

While this is a complex area, we offer two resources to help you take the necessary steps to strengthen your cybersecurity.

Last updated on
Subscribe to Lawyers Back to top