One of the things that I most enjoy about being a Chief Legal Officer is meeting other CLOs and in-house attorneys. I always ask them some version of the following question: “What is keeping you up at night?” More and more, their answers revolve around security and privacy. In addition to the security of their own corporate networks, CLOs and GCs are worrying about the security of their law firms. This issue was well examined in the article, For Hackers, Law Firms Are ‘One-Stop-Shopping,’ by Randy Evans and Shari Klevens, which appeared last week in The Recorder.
As the CLO of Zscaler, Inc., a 100% cloud security company, I understand the tremendous challenges facing organizations as they try to secure their networks in the modern digital world. These challenges, which apply to law firm IT departments as much as, if not more than, other enterprises, include:
- Attorneys using a wide variety of cloud-based applications, sometimes without the approval or even the knowledge of the firm’s IT department
- Attorneys accessing both cloud applications and law firm internal applications from their homes, airports, hotels, and coffee shops
- Tremendous pressure to adopt innovative cloud-based technology to better serve clients
Law firms must address these challenges in an environment where, as explained by Mr. Evans and Ms. Klevens, they may well be significant targets. In words credited to bank robber Willie Sutton, law firms are now “where the money is.”
If law firms are the banks of the information economy, they need to fortify their information protection to the level of banks. While many law firms have terrific IT teams, most firms simply cannot make the necessary investments, hire the required personnel, or manage the technical complexity associated with protecting against sophisticated attacks.
Just as law firms have come to rely on cloud-based software and services to manage productivity and collaboration, they can turn to security as a service to protect their networks and reputations at a much lower cost.