Legal Firms and the Struggle to Protect Sensitive Data IT Disaster Recovery Planning and Preparedness Survey

Similar documents
Is your phone system holding you back or helping you fly? Why your current communications system may be restricting your growth.

Why a Comprehensive Connectivity Model Is Key to Enabling Digital Transformation

Top 10 pitfalls to avoid when re-inventing your disaster recovery program

What s the Weakest Link in DR plans? Canadian companies confess their shortcomings

Tabletop Exercises. for Cybersecurity. Maintaining a healthy incident response. White Paper. By Michael Everett, Security Analyst

6 Key Elements of Successful DRaaS

MID-MARKET IT PRIORITIES IN 2018

BUSINESS CONTINUITY AS A SERVICE

BUSINESS CONTINUITY: PROTECTING YOUR BUSINESS FUTURE

Disaster Recovery Orchestration

Managed Services and the Bottom Line

20 Signs That Your Business is Ready for Managed Services. Find out when your business will truly benefit from a technology provider.

Your Business Needs Managed Services. Find out when your business will truly benefit from a technology provider.

20 Signs That Your Business is Ready for Managed Services. Find out when your business will truly benefit from a technology provider.

20 Signs That Your Business is Ready for Managed Services. Find out when your business will truly benefit from a technology provider.

pwc.co.uk Crisis management

EY s Africa Resilience Survey 2016

Risk Appetite Statement

How Your Business Survival Depends On Disaster Recovery.

12.0 Business Continuity Management

Business Resilience: Proactive measures for forward-looking enterprises

Dynamic IT Disaster Recovery Plan

ISO Business Continuity Management. Your implementation guide

Why your business phone needs a digital transformation

Point of view Digital Business Resilience in Financial Services

PROACTIVE ADOPTER SERIES: Embracing foundational benefits of IT security

Always On: Unitrends DRaaS Disaster Recovery Services

THE RISE OF THE MODERN CIO

Is your phone system holding you back or helping you fly?

A Changing Profession for a Changing Market: Evolving services, skills and talent to meet business demands

Meet Our Presenter. Equipping You For Success: An ISO Certification Case Study

Project management practices for asset maintenance: A Guide for Power, Energy & Process Industries

The Next Act of UK Business. The Next Act of UK Business. Cisco UK & Ireland

BUSINESS CONTINUITY: PROTECTING YOUR BUSINESS FUTURE

Boards and internal audit: Working together to strengthen risk management

REPUTATION AGENDA FOR DIRECTORS

a division of Right Networks The Five Risks of Not Going to the Cloud RightNetworks.com

Strategic Business Continuity Management

Advanced Audit Techniques

for managing your changing IT environment.

REGULATORY HOT TOPIC Third Party IT Vendor Management

The Business Case for Disaster Recovery-as-a-Service Solution

Work Smarter, Not Harder:

Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali

On the road(map) again. Balancing the emerging regulatory requirements in the Middle East public sector

Oversight by Board, Risk Management & Audit Committee (RMAC) and other committees. Second line of defense

TRENDS

Risk Advisory Services Developing your organisation s governance for competitive advantage

Ready for takeoff? Overcoming the practical and legal difficulties in identifying and realizing the value of data. Self-assessment guide

How to Future-Proof Your Indirect Tax Team WHITE PAPER

The New Enterprise Security Risk Manager

Is your phone system holding you back or helping you fly?

An introduction to business continuity planning

Ensuring Organizational & Enterprise Resiliency with Third Parties

Leading Change: Building Organisational Resilience. Jean D. Rowe, MBCI, CDCP May 1, 2017

Disaster Recovery Service Guide

IT Audit Process Prof. Liang Yao Week Three IT Risk Assessment

EY s response to Building the UK financial sector s operational resilience a BoE/FCA/PRA Discussion Paper

Internet Disruption Study

A Strategic Approach to Bank Fraud

Microsoft Services. Transform your digital security strategy to 04mitigate business risk

Change is a Constant. Effective Lean Operations when Sourcing Globally

Risk Assessment as a Foundation for Disaster Preparedness

EY Center for Board Matters Boards and internal audit

Digitaliseren van risico management

2008 BUSINESS RESILIENCY SURVEY RESULTS:

Operational Excellence in Healthcare. Creating a Culture of High Reliability: Management System Fundamentals

Table of Contents. Autotask Metrics That Matter 2

Preparing for the Unexpected: Business Continuity and Information Security Trends and Tactics

Enterprise Risk Management: Materials [date]

Internal audit insights High-impact areas of focus

A Guide to Building a Healthy Dental Practice. technology mistakes that can damage or destroy 7 your dental practice - and how to avoid them

Seeking value through Internal Audit

6 Practical Steps to Orchestrate Business Resiliency

Make money, save money and manage risk

BEYOND SAAS THINKING OF HARDWARE IN A WHOLE NEW WAY SAAS DRIVES IT SPENDING GROWTH FOR SMB BUYERS

OmniMath, Inc. Business Continuity Services Overview

Fujitsu End User Services Delivering a service as mobile as your people need to be

COMPLIANCE TRUMPS RISK

Enhancing business continuity management to address changing business realities

Business Transformation of Back Office Functions Ben Paul PricewaterhouseCoopers UK

Living on borrowed time

IT EXAMS TOP 5 CITATIONS. Top 5 citations LOUISIANA BANKERS ASSOCIATION TECHNOLOGY CONFERENCE Policy and Risk Assessment 2.

A 2015 SURVEY. GCs: Adding Value to the C-Suite

LI & FUNG LIMITED ANNUAL REPORT 2016

IT Risk Advisory & Management Services

Towards the Next Agricultural Policy Framework

The Path to Digital Transformation. A Roadmap for Business Success

Why partner with IMPACT Group?

Key capabilities for mastering the cloud

Private Equity. Securing your firm s future with intelligent business applications. xpedition.co.uk

Mid-market IT priorities in 2018

Protecting Information Assets - Unit #9 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protecting Information Assets

Leading financial institutions are transforming the way they manage IT risk

Delivering Success Together. Westcon-comstor brochure

5 ways your business can stay safe and take off

PMI Southern Ontario Chapter PDD Ralph Dunham May 26, 2012

Minimizing Risk and Ensuring Continuity of Operations with Help from Symantec Consulting Services Business Continuity Management Practice

WORK MANAGEMENT SURVEY Executive Summary and Full Report

Five Solutions to Common Project Cost Management Challenges

Transcription:

Legal Firms and the Struggle to Protect Sensitive Data 2016 IT Disaster Recovery Planning and Preparedness Survey 1

Table of Contents Survey Objectives... 3 Survey Results... 4-10 Conclusion: Making Sense of the Data... 11 Key Insights... 12 Leverage IT Security and DR to Minimize Your Firm s Risk... 13 Why Firms are Turning to DRaaS... 14

Survey Overview The demands of modernization in law firms have driven intense competition for innovation and service to customers. But adopting innovations while also remaining secure from internal and external threats have become a genuine concern. As a leader in Disaster Recovery-as-a-Service (DRaaS), with expertise in serving law firms, Bluelock commissioned an online reader survey with ALM (parent company of Legaltech News, Law.com, The American Lawyer, etc.) to assess the current state of the legal industry s IT disaster recovery (DR) preparedness, pressures and confidence. We conducted the survey by asking legal IT professionals (66 total respondents) in October 2016, to explore the following: Top three challenges to firms operations Respondents named data security (69%), budget (59%) and overburdened IT teams (40%) as their biggest challenges Confidence in current DR plan Respondents were very or somewhat confident (68%) DR testing methods Respondents were unsure of their testing methods or had no tests (62%) Increasing pressure from constituents Respondents claimed increasing pressures from auditors (51%) and clients (42%)

Survey Results

Despite Top Challenges to IT Operations... Choose the top 3 challenges your firm faces when it comes to successfully managing IT operations. Data Security Budget Overburdened IT Teams 40% 59% 69% Client Demands for Audits & Systems Availability 22% Regulatory Compliance 24% Datacenter Transformation 16% Big Data 26% BYOD & Personal Devices 31% Getting Buy-In from Managing Partners 9% Other 5% 0% 10% 20% 30% 40% 50% 60% 70% 5

The Majority of IT Pros Have Some Level of Confidence in Disaster Recovery... 68% Percentage of respondents that expressed confidence in their DR plan How confident are you that your disaster recovery (DR) plan is effective? 23% very confident 45% somewhat confident 20% not sure 5% somewhat confident 3% not confident at all rest did not respond 6

But Most Aren t Testing Their DR Plans 62% Percentage of respondents who claimed they didn t test or didn t know what tests they did This means the 68% who claimed confidence in their DR plans may be overconfident. Given their concerns for data security, this doesn t bode well. If no DR tests are being done, then firms are not proactively identifying their vulnerabilities. This increases the potential risk and impact of security incidents or an IT service disruption. Please indicate what type(s) of DR testing you are currently using. 32% not sure 16% we don t have a DR plan test 14% we don t have a DR plan 7

Test to Minimize Your Risk Please indicate what type(s) of DR testing you are currently using. 30% 25% 28% 20% 15% 16% 10% 11% 5% 0% Tabletop Tests (Teams Review the DR Plan) Sandbox Simulation (Technology is Testing in Isolation, with No Impact to Production) Full-Scale Testing (Full Failover and Failback Testing of Production Environment) For those law firms conducting IT DR testing, sandbox simulations are most prevalent. To thoroughly test disaster recovery plans and minimize risk, law firms should be initiating sandbox simulation tests at least twice a year. When possible, full-scale testing is the most true-to-life testing method and should be considered. 8

IT Departments are Facing Increased Pressure from Auditors and Regulators 51% Percentage of respondents that claimed to face audits and regulations regarding IT data protection How strongly do you agree with the following statement: My organization is facing increasing pressure from IT audits and regulations? 23% strongly agree 28% somewhat agree 27% neither agree nor disagree 14% somewhat disagree 8% strongly disagree 9

Clients are Putting More Pressure on IT Departments 42% Percentage of respondents who claimed clients are requesting information about their firms IT operations and data protection policies Because law firms house large quantities of sensitive client data, IT departments are facing increased scrutiny especially those whose law firms provide service to clients in the banking industry. How strongly do you agree with the following statement: More of my clients are requesting information about my firm s IT operations and data protection policies? 11% strongly agree 31% somewhat agree 25% neither agree nor disagree 13% somewhat disagree 20% strongly disagree 10

Conclusion Making Sense of the Data

Key Insights Data Security is a Top Priority In Cisco s 2015 Annual Security Report, law firms ranked as the seventh most vulnerable business sector to cyber attacks. Because legal proceedings often rely on sensitive client information, hackers see an opportunity for profit and target firms for this data. No wonder 69% of respondents have ranked data security as the biggest challenge to their firms IT operations. Success is Strained When IT Teams Lack Resources IT professionals at legal firms are expected to be reactive to the needs of their partners. However, stretched budgets (59%) and overburdened IT staff (40%) make it difficult to embrace change in an era where it s critical to mitigate risks. Because downtime can be hugely detrimental to a firm s reputation and livelihood, a proactive approach to DR is essential. Confidence Must Be Based On Evidence Since data is has become a cornerstone of the modern legal practice, it s no surprise that regulators are taking more steps to ensure continuity and clients are requesting proof of resiliency. Yet when 68% percent of respondents express confidence in their DR plans and simultaneously fail to articulate their testing methods, constituents may see this disconnect as an inability to survive in the face of crisis. 62% of firms don t know what DR tests they perform or have no DR tests at all, which poses a major security risk since vulnerabilities aren t being identified. Furthermore, it implies that their confidence in resiliency may be unfounded.

Leverage IT Security and DR to Minimize Your Firm s Risk Information Security practices need to have direct ties to IT incident response procedures. Law firms are increasingly turning to more modern and secure IT disaster recovery solutions to improve their security and resiliency posture. By leveraging Disaster-Recovery-as-a-Service (DRaaS), firms are making huge strides from existing backup-based or depreciated infrastructure to overcoming tight budget and personnel constraints with robust data protection. Taking steps to improve a DR strategy protects your law firm s reputation, client trust and ultimately revenue. The reality is if your information system is taken down for whatever reason: a flood, malware, hack attack, etc., you still have a business continuity and disaster recovery issue on your hands. - Ken Beaver, TechTarget 13

Why Law Firms are Turning to Bluelock Legal firms are turning to Bluelock because we are dedicated to their security and empowerment. Our Disaster Recovery-as-a-Service (DRaaS) isn t just data protection. It s the seamless delivery of a digital experience, no matter the technology, so that your firm can tackle your future with certainty. Serving as an expert extension of your IT team in handling the end-to-end responsibilities of DR planning, testing and maintenance, Bluelock gives your IT talent the freedom to focus on other, more pressing objectives that drive direct value to your law firm. Worried about proof to constituents? Our client portal, Bluelock Portfolio, offers complete visibility with recovery metrics for even the most skeptical stakeholders, auditors or clients. Our unique service program, Recovery Assurance, offers verifiable evidence of recoverability and security. For more information about Bluelock, visit bluelock.com/law. 14

Jumpstart your strategy by visiting our Practical Guide to DRaaS. www.bluelock.com 888.402.2583 Indianapolis Las Vegas

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback