Ride the Lightning

Law Firm Shook Hardy Achieves ISO 27001 Certification

October 8, 2014

Shook Hardy & Bacon recently announced that it had obtained ISO 27001 certification of its information security management system.

A globally recognized standard for information security management systems, ISO 27001 certification requires that a company show a systematic and ongoing approach to managing sensitive information. Shook began pursuing certification 18 months ago. To maintain its standing, Shook must undergo annual audits to assess its maintenance of high standards.

While the pursuit of ISO 27001 is gaining momentum among law firms, certification itself is not standard across the industry. According to a presentation at the International Legal Technology Association’s LegalSEC conference in June 2014, certification had been achieved by at least 12 large law firms, half of which are based in the United Kingdom. Another 16 U.S. firms were identified as “working toward or investigating certification.”

The firm was certified through the Tampa-based attestation and compliance services company BrightLine CPAs & Associates, Inc. To help navigate the complicated certification process, Shook Hardy used Trenton, N.J.-based security assessment company Pivot Point Security.

While law firms have not exactly been racing toward certifications, it is clear that clients are beginning to demand evidence that law firms are taking cybersecurity seriously. Watch for more firms to follow suit – it is simply the cost of doing business – as the smarter firms are learning. Clients are more likely to hire and stay with a firm that they trust to safeguard their data.

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq