HOW AN INTERNATIONAL LAW FIRM BUILT THEIR SOC.
UNDERSTAFFED YET DETERMINED
The international law firm's Head of Information Security joined the team as their very first security manager. At this point, there was no SIEM and no regular team to monitor the firm's environment.
Head of Information Security reports to the CIO and oversees governance, risk management, and compliance, as well as the firm's security technologies and day-to-day operations.
Head of Information Security was left to manage and monitor the firm's cybersecurity as the firm did not have a managed security services provider to run their SOC, or even intrusion prevention/detection.
Head of Information Security was looking to implement a visibility strategy and building an in-house security team would mean hiring 4-5 people.
BUSINESS AND SECURITY GOALS
Protecting client data became critical to achieve business goals. Both business and security goals aligned in assuring clients that their data is well protected. Due to general fears about data protections and compliance needs that must be met, many clients have implemented vendor management programs that force the law firm to implement the necessary security levels or risk losing business.
Beyond safeguarding the business's current line, the firm also looked to the future, expanding its partner-base and increasing overall business revenue. Cybersecurity became an important component to that plan in order to ensure the business and its operations wouldn't experience a breach and that breach's repercussions.
Business and security goals align in wanting to assure current clients that their data is well protected.
Security aims to give business operations confidence needed to move forward with their own goals, for growth within the firm.
BUILD A ROBUST TEAM
Overall, the firm wants to safeguard current lines of business to bring in more partners and increase the firm's revenue.
- Role:Head of Information Security
- RedLegg Client:Since 2016