Security 2021: The Perfect Storm?

September 08, 2021

Over the past 18 months, key workforce studies have seen an increasing number of IT professionals in all sectors and geographies reporting burnout at work. And for IT leaders tasked with transforming their business to a long-term Work From Anywhere (WFA) environment, the pressure continues to grow.

According to the latest Teneo research, which surveyed 400 IT Infrastructure and Operations (I&O) leaders in the UK and US, a worrying majority of 4 out of 5 (82%) respondents in the legal sector reported that they feel either frustrated, overwhelmed, or overworked by the challenges of supporting a WFA environment.

What’s behind the overwhelm?

Added to the complications of hybrid working, IT teams are experiencing overwhelm from competing priorities such as digital business, converging architectures, and multi-cloud migrations. In our survey, 44% of I&O leaders reported that it’s specifically a lack of time that’s the problem, and it’s preventing the introduction of new technology needed to adopt a long-term WFA strategy.

Many I&O leaders are running lean teams and must coordinate them with external resources, creating an extra management burden. 50% reported that they don’t have the internal staff resource available to support WFA, and a further 44% said they don’t have the internal expertise required. On top of this, 31% said they lack the security tools needed to support a WFA environment, and 75% said they don’t have the required visibility and optimization tools.

Such burnout has the potential to cripple transformation, stifle innovation, cause low energy, exhaustion, negative feelings, reduced efficiency, and staff retention issues. But with 62% of I&O leaders in the legal industry reporting that their firm will adopt a long-term WFA environment, IT teams must find a way to embrace innovation with confidence, or risk being left behind.

WFA security challenges

Already prime targets for hackers, with the move to a long-term WFA environment, law firms now face a perfect storm when attempting to secure their digital assets and working practices.

Zero Day attacks have skyrocketed throughout the pandemic, along with an increasingly sophisticated threat landscape. Additionally, with migrations to multi-cloud, IoT, and the shift to remote or hybrid working, the attack surface has increased. Such expansion has led to an increase in data volumes and alerts from network and security tools. But with disparate toolsets and employees and a lack of time and resources, IT teams are struggling to detect and respond to security breaches without delay.

In the past, users were tied to office-based locations, the corporate network, and corporate-managed devices. Protecting against malware, ransomware, and phishing was as simple as rolling out endpoint antivirus, installing a stack of appliances in a data center, establishing a DMZ (demilitarized zone), and backhauling traffic for inspection and control. However, the traditional castle-and-moat security that many IT teams relied upon is no longer fit for purpose to support today’s WFA environment. And legacy antivirus solutions are simply unable to provide adequate protection.

Law firms now face a perfect storm when attempting to secure their digital assets and working practices

A strategy for the long term

At the height of the pandemic, when the world plunged into multiple lockdowns, law firms were forced to adapt quickly to the overnight requirement for employees to work remotely.

Many IT teams originally viewed the increase in remote working as a crisis measure that would soon be reversed. They took short-term steps to keep the lights on, such as enabling direct access to the Internet for cloud applications, which bypassed data center security architectures.

However, many didn’t expect the transformative impact of the crisis on how we do business. With post-pandemic recovery now in sight, many of these changes are expected to be here for the long haul.

Now, law firms must consider how they’ll deliver policy at the point of need, onboard new staff, handle BYOD, navigate user attitudes and behaviors, and ensure they have security and performance insights that allow them to respond before the business is impacted.

Work From Anywhere means security everywhere

To ensure users are secure from wherever they’re accessing corporate resources and sensitive information, organizations must therefore consider dynamic, software-defined, policy-based approaches such as ZTNA (Zero Trust Network Access) and SASE (Secure Access Service Edge).

However, without the time or resources to introduce these new technologies, law firms risk service interruption, performance degradation, and poor user experience. They’re also likely to suffer from longer dwell times, threats to data integrity and digital assets, and the inability to offer new services that are technology-led.

These challenges are bearing down on IT leaders, making the parameters of their role difficult to manage and causing more stress. Without making the necessary changes, not only do IT leaders risk causing operational inefficiency, but they also risk damaging their own as well as their firm’s reputation.

Progressive IT leaders are making smarter choices that save time and leverage existing resources. Working with an expert partner, they’re taking a step back to understand business processes and policies.

So how can IT leaders make the long-term WFA transition?

Progressive IT leaders are making smarter choices that save time and leverage existing resources. Working with an expert partner, they’re taking a step back to understand business processes and policies.

Placing users and applications at the core of their infrastructure and security strategy, they’re building visibility, security, and performance architectures across the endpoint, branch, and cloud, in a way that’s affordable and manageable.

Such an approach is helping them to think more clearly with input from external experts on best practices and leading technology. And it’s helping them to expand their resources, reduce risk, transform faster, and embrace innovation with confidence.

Leading with a Zero Trust approach to security, IT professionals can utilize Teneo’s years of experience across SASE and DEM (Digital Experience Monitoring) to build an agile roadmap that’s fit for long-term WFA, using existing architecture and resources as the starting point.

Teneo’s Work From Anywhere IT services help legal IT teams to identify policy requirements for each user group based on location and need. It enables them to develop end to end visibility to remove blind spots on the network, deploy and configure security and optimization tools to meet policy requirements, and provides 24x7x365 monitoring and management with ongoing service enhancements.

Customer examples:

Recognizing an increase in COVID-19 phishing attacks and sophisticated social engineering techniques, one global law firm sought to bolster its remote worker defenses due to the sensitive and confidential information held.

They quickly deployed Teneo’s endpoint security solution, WFA: Secured, and reduced one attacker’s total dwell time on the network to just 7.5 hours.

Thanks to the threat actor presence detected early in the process, they could mitigate the security risk before it had the chance to cause business disruption.​

Another of the top US law firms took a proactive approach to improve security and visibility, utilizing Teneo’s end user experience monitoring solution, WFA: Visible.

Prior to working with Teneo, the business was dealing with several bug issues and poor integration with its core applications, which impacted performance. They also had no idea that 50% of company devices were lagging behind the monthly security patch cycle that addresses vulnerabilities.

Since working with Teneo, the firm significantly improved employee productivity and security and dramatically reduced complaints from lawyers, which boosted the reputation of the IT team.

For more information about Teneo’s WFA IT services, visit www.teneo.net

Brett Ayres, Teneo’s Services Director, will be presenting on this topic at the 15th annual Securing the Law Firm event on 16 September. For more information and to book your place, visit: www.teneo.net/news/teneo-securing-the-law-firm

Contact us - We’d love to help you





    Teneo collects your personal data when you complete our online forms. We will use this information to provide an accurate response to your questions or requests and we will keep a record of your form completion in our CRM system. By submitting this form, you agree to us contacting you for the purpose of our response. For more information explaining how we use your personal data, please see our Privacy Policy.