Annual Test Programme & Security Partnership – Global Legal Firm
Our client is a specialist global legal firm with offices in Europe, the Far East and the Americas. They provide a full range of legal services to their clients in their specific field of specialism.
Client Requirement and Business Drivers
In the early stages of our client’s rapid expansion, they recognised the importance of protecting their critical information assets. They understood that this was equally important for their own data for reasons of complying with data protection legislation, and maintaining competitive advantage; as it was for their customer’s data. Their customers, mostly large corporate enterprises, entrusted very sensitive information to our client as part of the work they undertake on their behalf.
The client had gone through a major upgrade to their infrastructure and LAN/WAN connectivity. This was undertaken by partnering with an international provider of technology based business services. The partner sensibly recommended that an independent expert security assessment was undertaken; commissum was selected through a competitive process to undertake the first assessment.
Initially commissum conducted an external infrastructure penetration test of the law firm’s Internet facing presence on the recommendation of the firm’s technology implementation partner. The initial selection was competitive, with commissum successfully demonstrating the quality of their services as well as excellent value for money. The recommendations from this initial round of testing fed back into the Business Solution Partner’s remedial action and project completion programme.
This experience of independent review of security and the issues uncovered and remedied acted as a catalyst for the establishment of a long term partnership between the Law Firm and commissum. Initially this included ongoing contracts for external infrastructure penetration testing and monthly vulnerability scanning, but over the years has included:
- Network security training for IT staff
- Incident response and forensic analysis
- Remote access project security design support
- Audit of Active Directory
- Corporate security Healthcheck
- System hardening review & advice
Most recently, commissum has facilitated introductions to the UK government's Centre for the Protection of National Infrastructure-(CPNI) for inclusion in the security information exchange that has been established among selected law firms. This is part of the UK Government’s initiative on Cyber Security and recognition of the criticality of the information exchanged with and held by large corporations’ legal advisers; and hence the potential risk posed by indirect attack on these organisations.
- Case Study 1 - Online Banking Project Assurance
- Case Study 2 - Government Data Handling, BCP & ISO27000 consultancy
- Case Study 3 - Oil & Gas Industry - Asset Tracking System Project Assurance
- Case Study 4 - Professional Institute - Strategic Security Review
- Case Study 5 - Government Agency - Business Continuity Exercise
- Case Study 6 - Government Agency - CLAS Services for Accreditation
- Case Study 7 - National Engineering Group - Security Programme
- Case Study 8 - Application Service Provider - Investor Due Diligence
- Case Study 9 – Global Legal Firm - Annual Test Programme & Security Partnership
- Case Study 10 - Investment Bank - Secure Application Development Training
- Case Study 11 - Manufacturing Company - Active Directory Review & ISO27001/27002 Gap Analysis
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
"commissum recently provided invaluable advice and support, ensuring the success of our secure remote access project, and has provided us with annual penetration testing and managed service scanning for several years. I would happily recommend commissum to others for their professionalism and quality of service.”
Mr Tim R, IT Director, International Law Firm
"We engaged with commissum for the first time this year and found them highly professional and a pleasure to do business with. We were particularly pleased with the report provided which was of excellent quality, with an appropriate level of detail and clarity in its recommendations. I would happily refer others to commissum.”
Mr Billy K, IT Director, National Law Firm