the international trade organization for legal procurement

best practices for buying legal services and legal technology


With the greater sophistication and continued rise of cyber threats, it is essential that you understand how your trusted partners, law firms and other suppliers, protect your confidential and highly sensitive information.

Data supply chain security is every corporation’s responsibility and a critical area of concern, because trusted partners are often the weakest point in your defense against cyber attacks.

Access our resources:

CYBER SECURITY: NOT IF, BUT WHEN - Download the Guide on Legal Vendor Cyber Risk Management:

The cyber threat landscape is complex and security breaches have become a daily occurrence. As an organization's reputation and data are at increasing risk of being compromised, it is critical for legal departments to adopt a comprehensive and robust approach to vendor cyber risk management. 

Understanding the third-party cyber risk management life cycle is critical for both the organization and its vendors to decrease security control gaps and minimize overall risk. Follow the Guide's detailed steps to build a strong Legal Vendor Cyber Risk Management program. Click here to download.

Privileged Data & Cyber Security: What you need to do about it now

Imran Jaswal and Ryan Spelman (both Cyber Clarity 360) explain what cyber risks legal vendors present to your organization, unique aspects and impact of legal cyber risk, possible vulnerabilities in your current legal vendor portfolio, and what you can do about it today. Download the slides here.

Cyber Security Benchmarking: What you need to know now and how you can avoid risk

Shay Colson and Ryan Spelman (both Cyber Clarity 360) explain real-world cyber security incidents and how they apply to the legal vendor context; Benchmark performance data of the specific cyber threats that result in these types of breaches; and Strategies to improve your risk-based decision making regarding outside counsel and legal vendor cyber risk. Download the slides here.

Legal Vendor Cyber Risk Program: How to deal with problems and how to avoid them in the first place you can build security into your contracts

Panel discussion with Michael Delle Donna, Jomara Negron, and Anthony Evans (all Prudential Financial), moderated by Shay Colson (CyberClarity360).

Log into our TOOLBOX to access the video recording. 

Data Governance & Contract Management: How you can build security into your contracts

Tyler Marion and Derek Mihm (both Duff & Phelps) explain: How to structure risk mitigation in your contracts: recommended clause types An overview of a typical, proactive data security risk mitigation workflow for contracting Methods to retrospectively mitigate data security risk in existing relationships’ contracts With Imran Jaswal (Cyber Clarity 360). Download the slides here.

Questions about Cyber Security for legal departments? Quick answers from our experts:

What buyers need to do and know when buying legal services with Imran Jaswal:

What should buyers know about their law firm's vulnerability with Imran Jaswal:

What are the typical threats to law firms and other legal services providers with Ryan Spelman:

What can buyers do to manage & monitor whether their providers are secure with Ryan Spelman:

Who is accountable for data security with Ryan Spelman:

This expert series is powered by: