October, 2022 | Article
Arctic Wolf and Compugen in the legal business: Helping law firms elevate cybersecurity and achieve regulatory compliance
Like all other public and private organizations, law firms are also dealing with digital security challenges and growing costs of cybersecurity insurance. It is expected that cyber insurance premiums will continue to increase 40% year on year. Insurance providers are also mandating that their clients put in place a process to identify, detect, and protect against internal and external threats.
Canadian IT solutions provider Compugen has partnered with Arctic Wolf to launch Security Operations Centre (SOC) as a service. A global leader in delivering Managed Cybersecurity solutions to organizations, Arctic Wolf has more than 300 law firms under management in the Canada/US territory. The following two case studies identify challenges that two different law firms faced and needed to address to ensure the safety of their respective IT environments. The solution not only helped elevate their cybersecurity posture but also helped them meet obligations to regulatory bodies and their clients.
Case Study 1:
The legal firm has 150 lawyers and support staff in 9 locations across the country. Their work requires conforming with corporate clients’ risk management policies.
Significant data breaches that originate through work with subcontractors have driven awareness among large corporations of the potential risks vendors pose. Corporations now require legal counsel to adopt more robust security measures; what were initially questionnaires evolved into a combination of questionnaires and review sessions. Corporate clients frequently need signed attestation from the firm stating that they’ll follow specific cybersecurity policies, so the firm must have a comprehensive solution.
Finding the Right Managed Detection and Response Solution
An internal audit of their security practices revealed glaring gaps related to their ability to detect and respond to threat indicators. Through this process, the firm discovered that migrating to a managed detection and response (MDR) platform was a crucial security need.
The firm evaluated three vendors in the space to improve its MDR capabilities – TruShield, eSentire, and Arctic Wolf – and ultimately selected the last. Arctic Wolf provided the robust functionality and skilled expertise that the firm needed, and its subscription-model pricing provided the firm with business flexibility, allowing it to scale security requirements as required.
Taking the Toil Out of Vulnerability Assessments
The firm regularly performs third-party vulnerability assessments, the results of which became difficult to manage and address. Seeking a more continuous approach to managing their digital risk posture that would offload the toil of working their third-party vulnerability assessments, the firm added the Arctic Wolf Managed Risk solution.
The Managed Risk solution provides 24x7 continuous vulnerability scanning managed by security experts. Beyond vulnerability scanning, the firm also gains visibility into system misconfigurations against globally-accepted critical security control benchmarks and the account takeover risk exposure that they weren’t receiving before.
Outstanding Results Across the Board
The firm deployed the Arctic Wolf security operations solutions over a year ago. Since then, the firm’s IT team has seen improved security across its network and has met clients’ requirements in several ways:
- 15-minute notification and resolution from when a high-level user provides law firm credentials to a known phishing site
- Greater frequency of vulnerability scans to accommodate customer requirements
- Increased log retention timeframe to meet changing customer requirements
- A quantified risk score that measures and benchmarks digital risk against industry peers
Arctic Wolf helps secure the firm’s sensitive data by flagging suspicious events. And by eliminating events that turn out to be false positives, Arctic Wolf’s Concierge Security Team gives the firm a greater ability to scrutinize its existing security controls, tighten policies, and validate how Arctic Wolf monitors its operations.
Arctic Wolf Managed Detection and Response and Managed Risk have enabled customers to improve their security posture for far less than had they continued with their third-party vulnerability assessments or hired internal security experts and established an in-house SOC, reflecting exceptional return on investment. Firms reduce costs by not needing an internal SOC team and infrastructure while getting a higher level of service than would be possible from an internal security resource.
The firm no longer has to deal with excessive alerts, and when there is something anomalous, they are notified. The Arctic Wolf service improved the firm’s security and allowed them to meet increasingly stringent client security requirements.
Case Study 2:
The legal firm has 160 lawyers and support staff across the country. Their work requires conforming with corporate clients’ risk management policies.
The firm must secure sensitive client data as well as its confidential information. The firm has ethical obligations driven by external bodies to ensure the security of client data. Additionally, many of the firm’s enterprise clients require the firm to complete vendor risk management questionnaires as a prerequisite to doing business. Client security assessments have become increasingly frequent, particularly from large banks and healthcare companies which house tremendous amounts of sensitive customer data. Active monitoring is a requirement, and the firm must ensure they have the tools and resources to find potential threats 24x7. Another example was meeting their client’s HIPAA requirements. They frequently possess their customer’s data, and the onus is on the firm to implement the necessary precautions to secure that information.
Making the Case: Finding the Right Approach to Cybersecurity Detection and Response
Keeping the status quo was not an option, given the client’s concerns and the potential business impact of not adequately monitoring the firm’s environment. To help optimize its security posture and satisfy client risk management concerns, the firm evaluated different ways to monitor its environment systematically and analyze log files for security threats. It considered deploying a security information and event management (SIEM) system but quickly concluded that the cost of staffing and managing a SIEM would be prohibitive.
Having ruled out an in-house SIEM solution, the firm zeroed in on managed detection and response (MDR) as the optimal approach. Arctic Wolf’s Managed Detection and Response was the best fit, with a straightforward business case made to the firm’s technology and budget committees. With pressing security assessment questions around networking monitoring and log analysis, the firm decided that the solution met all their needs at a cost far below that of an in-house SIEM.
The Verdict: Exceptional Results
Today, Arctic Wolf ingests over 46 million observations per week from the firm, with only a handful resulting in security investigations. As the firm transitions to Microsoft Office 365, they intend to add Office 365 coverage to the resources that Arctic Wolf monitors. The firm’s IT team has seen improved security across the network while satisfying client requirements in a number of ways:
- The Arctic Wolf console provides insights and reporting on both on-premises and SaaS applications used by the firm
- Out-of-the-box reporting benefits internal and external constituents
- Visibility into suspicious network traffic enables the firm to avoid potential security pitfalls
The firm’s cybersecurity policies and processes satisfy corporate clients’ requirements and ensure its practice continues to thrive. The Arctic Wolf service provides two solutions in one: technology and people. It provides the technology to collect and aggregate the log information and provides people with the necessary security expertise to evaluate that information. The key benefit for the firm’s IT team was Arctic Wolf Concierge Security Team’s advisory services, allowing them to respond quickly to potential incidents.
To learn more about how Arctic Wolf can meet your cybersecurity requirements, please join the free webinar hosted by Compugen & Arctic Wolf on October 19th at 12 noon. At this lunch and learn webinar, we will have a panel of subject matter experts that have worked with the industry to solve security challenges specific to the legal business.
https://pages.compugen.com/30744/awsecurity
For all participants who register for the webinar, we will be providing a $25 Uber Eats voucher so you can order lunch while you attend.