Even before its acquisition of Huron Legal, Consilio was extending its range from international eDiscovery services into consultancy and pre-emptive advice to organisations about the management and control of information.
Huron Legal’s range of services included a strong specialisation in advice to law firms on their own management, on matters ranging from procurement to security to internal efficiencies and beyond.
The strands come together as the Panama Papers story shows a law firm badly hit by a data security failure which is having repercussions both deep and wide for the clients as well as for the firm. Data breaches of all kinds, never mind those on this scale, have a long tail. In addition to the practical matters involved in identifying the source of the leak or hack, limiting the scope for it to happen again, and dealing with angry customers or clients, the victim company faces regulatory investigations, possible criminal investigations and litigation from clients.
With a title inspired by the fact that 11.5 million documents were liberated from Mossack Fonseca, Consilio has produced a short paper called 11.5 million reasons for law firms to take data security seriously, Consilio sets out eleven-and-a-half things which law firms need to do to make sure that they are not the next Mossack Fonseca.
Some of this advice is technical in nature and some of it relates to policies. In some ways, the most important is much less specific than the rest: “Promote cyber security awareness”. I am barred, alas, from repeating the things I heard recently from a senior partner at a decent law firm who describing his travails in trying to get his partners to take security seriously – to be alert to risks, to take sensible precautions and, where necessary, modify their own behaviour. You can invest in all the best equipment and devise the most watertight policies imaginable and still fall foul of a cyber-crook, whether a “professional” one or an opportunist.
The Consilio paper provides a helpful checklist which, although addressed to law firms, has application to much wider audiences.
eDisclosure Information Project 