Our study involved interviewing principles of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. We simultaneously carried out a survey to see if the trends identified in our case studies could be backed up with broader quantitative data. An overall finding highlights the fact that law firms were not current with technology to combat computer crime. However, from a human perspective, more urgent issues were discovered such as lack of monitoring of computer systems and inadequate access control. Our conclusions revealed the urgent need for law firms to adopt security controls, implement information security policies and procedures and obtain cooperation from management to communicate these policies to staff.