Establishing Cybersecurity Leadership for a for a Multidisciplinary Law Firm

Background 

BDO Digital partnered with a multidisciplinary law firm based on the East Coast that supports financial institutions to address their cybersecurity challenges. The client recently experienced a security breach, with a low level of maturity in cybersecurity. 
 

Challenge 

They lacked information security leadership, and their technical staff was weak in their cyber capabilities. The client’s customers required them to address cybersecurity issues and create a formal reporting mechanism on progress. Additionally, the client lacked coordination with key vendors to meet implementation deadlines of cybersecurity tools. The challenge was to improve the client’s cybersecurity maturity, address customer security requirements, and coordinate with vendors to meet implementation deadlines. 
 

Solution 

BDO Digital reviewed the client’s current cybersecurity state, initiatives, and existing roadmaps. We adopted a standardized information security framework, identified gaps, prioritized risk, and integrated findings into the existing roadmap. We developed strategies to help the client meet their customer’s security requirements and communicated relevant information to leadership to make informed decisions and report the status of cybersecurity initiatives. 
 

Results 

BDO Digital developed appropriate policies and a risk register to drive risk-based communication with executive management, executed on a plan to mitigate high-risk threats, and developed a cybersecurity roadmap with action plans and milestones. We adopted CIS18 - Critical Security Controls Framework, established consistent communications to executive management and key customers, and established BDO as an authority on cybersecurity leadership.