Kroll CyberClarity360 and Buying Legal Webinar Series Wrap-up

The first was led by Imran Jaswal and Ryan Spelman of CyberClarity360. It focused on the concept of risk identification, aimed at helping the members of Buying Legal Council understand and identify risks in their vendor ecosystem. While the number of cyber risks is myriad, there are specific challenges to legal vendors that require special attention. The sensitivity and volume of data that may be shared with one or more outside counsel make a data breach by a legal vendor a particularly high-risk event. Further, the nature of legal vendor relationships, with their potential for rapid scope change and confidential procurement, make managing this data sharing a particularly challenging activity.

In the second, led by Shay Colson and Ryan Spelman of CyberClarity360, Kroll analyzed and studied vulnerabilities the same way hackers do and emphasized the data points that should be considered when deciding to engage or avoid specific legal vendors. Shay Colson talked about the critical vulnerabilities of accounts that get compromised due to exposed records. These records may be employee account credentials used on other systems such as payroll providers or travel booking sites. And, if the employees used the same username and password they use on their organization's systems, then it could lead to a data breach. Both Shay and Ryan emphasized that understanding the cyber risk exposure, combined with an understanding of the data that will be shared with the vendor, is critical in deciding how to engage with the legal vendor.

Log into your Buying Legal account to access this video recording.

The third was a fireside chat with a significant financial institution's legal vendor cyber risk management team, moderated by Shay Colson. This organization has built a robust legal vendor cyber risk management program that identifies and avoids potential risks and can engage and mitigate the threat. The mitigation comes from careful analysis of risks, leveraging a technology platform, and excellent communication between the financial institution and the firms.

Staff from Kroll’s Legal Management Consulting practice, Tyler Marion and Derek Mihm, joined us for the final and fourth webinar where they educated the audience on contracts. Contracts represent one method of risk transfer, which often represents the last option for dealing with risk if you cannot avoid it or mitigate it. Tyler and Derek focused particularly on managing clauses and terms across thousands of contracts and how leveraging technology can bring greater clarity to your understanding of what options are available to you in transferring the risks your legal vendors may create.