Extract from Frank Ready’s article “Passing Cybersecurity Audits Doesn’t Need to Be Expensive—It’s Just Easier That Way”
Law firms may be trying to stay one step ahead of client-issued cyber audits by continually re-investing in the most secure technology that the legal market has to offer. But while certain tools or brand names can impress clients, they aren’t necessarily the surest—or the most budget-friendly—path to making the audit process more efficient.
It can, however, be the path of least resistance. Gulam Zade, CEO and general counsel of the legal IT service LogicForce, noted that in the last 18 to 24 months, law firms have been trying to expedite an often lengthy and laborious audit process by putting themselves in a position to give a simple “yes” to every security question asked.
“The easy answer is to go out there and buy the technology that is going to help. … So that’s what we see firms doing to try and comply. They go out and try and buy the right tech to make them compliant with the audit,” Zade said.
Just how often that investment or reinvestment occurs may not align with a set schedule. Neeraj Rajpal, chief information officer at Stroock & Stroock & Lavan, indicated that the firm is “always” looking for new tech to further solidify their security controls.