Although the sector as a whole has traditionally been comparatively wary of the ever-increasing pace of technology, legal services are increasingly data driven, with an abundance of AI-related discussion emerging within legal technology circles. The core Document Management Systems (DMS) and Practice Management Systems (PMS) remain the centre of focus for how and where to deploy a variety of rapidly maturing SaaS platforms, or dedicated, highly customised suites.
To Test or Not to Test? - When it comes to IT disaster recovery and remediation processes, regular testing is not a 'nice to have' - it's absolutely essential!
This isn't hyperbole on my part. You just have to look at the news on any given day. We've all heard the horror stories of organisations in both the public and private sectors experiencing prolonged downtime during disasters due to inadequate preparation, lack of testing, and the unsuitability of their legacy remediation processes and systems.
On 18 March 2024, the Information Commissioner's Office issued its updated guidance on the fines it imposes when organisations are found liable for the integrity of their customers' or end users' data being compromised. It is already well established that failure to keep critical data secure will result in costly fines, as multiple high-profile cases over the years have repeatedly shown.
With fundamental shifts in consumer behaviour, changing economic conditions, and a rapidly evolving regulatory environment, it's a challenging but exciting time for the UK's retail sector, and technology has a key role to play. In particular, advances in IT and networking solutions are empowering retailers to enhance their operational efficiency, improve the customer experience, and retain their competitive edge in an increasingly online and interconnected world.
The nature of AEC projects and the high volumes of sensitive data firms generate, transfer, and store on a daily basis make them a natural target for cyber criminals. Indeed, a recent Government study found that 5% of building firms had already fallen victim to some form of cyber-crime in just a year, but that 26% of them still did not have adequate cyber security measures in place.
For some years now, Cloud adoption has been steadily on the rise across the UK's Finance sector, with organisations including banks, insurers, and investment firms phasing out increasingly cumbersome legacy systems in favour of more scalable, agile, and cost-effective infrastructure. Indeed, more than 48% of UK banking services are now built on Cloud infrastructure.
Developing a first-class IT infrastructure for a leading independent investment firm
However, as with any technology that experiences a period of rapid growth, we are now moving beyond the initial emphasis on speed to market. As Unified Communications become an increasingly essential part of the virtual workplace, we must now establish exactly how this impacts users, how it meets compliance requirements, and how secure it is.
Our initial response to COVID-19, which focused on the rapid onboarding of UC solutions, has demonstrated that we should always be vigilant when implementing new systems. Technological developments to address immediate concerns are certainly essential, but users – both personal and professional – must be conscious of any security risks and ensure they follow best practice at all times, particularly with BYOD arrangements. For example, the importance of utilising strong passwords is already well-established, but its importance was highlighted once again by recent incidents where cracked passwords have been used to disrupt online meetings, taking advantage of platforms' lack of end-to-end encryption[2]. And whilst updates are regularly released for all platforms to rectify security issues as they are discovered, this doesn't eliminate the initial risk that is posed, which means users must take the time to educate themselves, with the support of their providers.
Data sovereignty is another serious concern, particularly in sectors like healthcare, legal and finance, which have strict requirements about how and where sensitive data is stored. Recent revelations that certain platforms routed user data through different countries to meet increasing demands for capacity[3] are putting organisations' security posture into sharp focus. Going forward, providers of UC solutions must offer their users complete confidence they are compliant with all local and international data protection regulations, such as the GDPR, which may mean maintaining data centres across multiple regions.
As organisations in both the private and public sectors become more conscious of the potential security risks surrounding UC solutions, we are sure to see the establishment of clear best practice amongst both providers and users. However, this will require close collaboration between all parties concerned if we are to take a proactive rather than reactive approach to the issue, ensuring robust security is inherent in the design of all UC solutions rather than offering fixes when a breach does occur.
With cyber breaches growing in volume and frequency (Carbon Black reported that 88% of UK organisations suffered a breach in 2018) you can guarantee that your organisation will be targeted by cybercriminals at some point.
The conversation was kicked off by guest speaker Steve Deakin, Head of Development and Operations at Lloyd's of London, discussing his experiences of Cloud and the client perspective. Next followed Nick Robinson, Systems Engineering Manager at Palo Alto Networks, who provided a view of real-world innovations and shared Cloud success stories that he has seen from his clients across EMEA.
Here is a high level summary and description of the quick wins that were discussed:
The Process:
- Learn -> Hack -> Iterate
Horizon Scanning & DevOps with an AGILE mind-set
- Microsites and microservices that are already trialled, tested and robust from an architecture and security perspective - this enables one to rapidly deploy new products, services, websites etc. with security peace of mind.
- Serverless - just focus on writing code and you can make changes in microseconds! It is easy to deploy, low cost, gives you more time to focus on UX, and is more efficient for developers because code is kept backed up in a secure environment.
- Grid Data Analyst - overcome the flood and complexity of big data and unlock the power of analytics with the right data in the right place.
Cybersecurity
- OWASP Top 10 - whilst the threat landscape remains broadly consistent year on year, everyone should make sure they are aligned to the latest version as it evolves. Assuming the Top 10 is unchanged, or that changes are merely incremental and therefore low priority to act on, can leave vulnerabilities unaddressed. www.owasp.org
- NCSC - The National Cyber Security Centre is an organisation of the United Kingdom Government that provides advice and support for the public and private sectors on how to avoid computer security threats. www.ncsc.gov.uk
- Ethical Hacking - this should be implemented continuously - leverage penetration testers and vulnerability scanning as much as possible in order to follow best practices and processes - Learn -> Hack -> Iterate.
- Social Engineering was also discussed, not so much as a quick win due to its complexity (get the simple things right first); however, the advice was to leverage penetration testers to protect your business from bad actors that use social engineering tactics.
- Multi-Factor Authentication – we discussed how this is a low-hanging and important measure to put in place. Leverage MFA to 1) require individuals to provide two or more authentication factors to confirm their identity for online transactions or to gain access to corporate applications, networks and servers, and 2) gain insight and reports on the user's activity. Identity and Access Management (IAM) and Privileged Access Management (PAM) were also mentioned as a further way to secure your business.
- Security Information and Event Management (SIEM) - leverage a SIEM as a means to log attacks. An IT service provider can add an important layer of service by proactively managing, monitoring and reporting on what the SIEM is seeing on a 24/7/365 basis.
- Cyber Security Operations Centre (CSOC) - further to a SIEM, a CSOC can strengthen your security posture and enable you to be more proactive in your approach - https://www.exponential-e.com/services/cyber-security/advanced-monitoring-management
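The MFA point above (a second factor plus a record of the user's activity) can be made concrete with a server-side verifier for time-based one-time codes. The following is an added example written for this summary, not code from the event, the speakers or any vendor mentioned: it implements the standard HOTP/TOTP construction (RFC 4226 / RFC 6238, HMAC-SHA1, 30-second step) using only the Python standard library, tolerates one step of clock drift, refuses to accept a code twice for the same user, and keeps an audit trail of attempts. The `TotpVerifier` class, the `audit` list and the hypothetical user names are this example's own assumptions.

```python
import hmac
import hashlib
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF) % (10 ** digits)
    return str(code).zfill(digits)


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at // step, digits)


class TotpVerifier:
    """Server-side second-factor check (hypothetical helper for this example).

    Accepts the code for the current time step and +/- `window` neighbouring steps
    to absorb clock drift, and never accepts the same step twice for a user, so a
    captured code cannot be replayed. Every attempt is appended to `audit` so the
    activity can be reported on.
    """

    def __init__(self, step: int = 30, digits: int = 6, window: int = 1):
        self.step, self.digits, self.window = step, digits, window
        self.last_counter = {}   # user -> highest counter already consumed
        self.audit = []          # (user, unix_time, accepted) records

    def verify(self, user: str, secret: bytes, code: str, at=None) -> bool:
        at = int(time.time()) if at is None else at
        base = at // self.step
        accepted = False
        for delta in range(-self.window, self.window + 1):
            counter = base + delta
            if counter <= self.last_counter.get(user, -1):
                continue  # this step was already used: a replayed code must not pass
            # constant-time comparison so timing does not leak how many digits matched
            if hmac.compare_digest(hotp(secret, counter, self.digits), code):
                self.last_counter[user] = counter
                accepted = True
                break
        self.audit.append((user, at, accepted))
        return accepted


if __name__ == "__main__":
    # Constructed demo using the RFC 6238 shared test secret; not a real credential.
    demo_secret = b"12345678901234567890"
    now = int(time.time())
    verifier = TotpVerifier()
    print("code:", totp(demo_secret, now), "accepted:", verifier.verify("alice", demo_secret, totp(demo_secret, now), at=now))
    print("replay accepted:", verifier.verify("alice", demo_secret, totp(demo_secret, now), at=now))
    print("audit:", verifier.audit)
```

The `last_counter` map is the part most implementations forget: without it, a code phished or shoulder-surfed within the 30-second step is still valid, and the drift window makes that a 90-second exposure.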
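The SIEM and CSOC points above describe logging attacks and having someone act on what the SIEM sees; the simplest version of that is a correlation rule over authentication logs. The following is an added example written for this summary, not a product feature or code from the event: it parses constructed syslog-style `sshd` lines, counts failed logins per source address in a sliding time window, raises a brute-force alert when a threshold is crossed, and raises a second, higher-priority alert when a source that tripped the first rule later succeeds. The log lines, thresholds and alert names are this example's own assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a syslog-like sshd format (not real data; RFC 5737 test addresses).
SAMPLE_LOG = """\
2024-03-18T09:00:01 host1 sshd[101]: Failed password for invalid user admin from 203.0.113.5 port 51000 ssh2
2024-03-18T09:00:03 host1 sshd[101]: Failed password for root from 203.0.113.5 port 51002 ssh2
2024-03-18T09:00:04 host1 sshd[102]: Failed password for alice from 203.0.113.5 port 51003 ssh2
2024-03-18T09:00:06 host1 sshd[103]: Failed password for bob from 203.0.113.5 port 51004 ssh2
2024-03-18T09:00:07 host1 sshd[104]: Failed password for carol from 203.0.113.5 port 51005 ssh2
2024-03-18T09:00:09 host1 sshd[105]: Accepted password for carol from 203.0.113.5 port 51006 ssh2
2024-03-18T09:01:00 host1 sshd[106]: Failed password for dave from 198.51.100.7 port 40000 ssh2
2024-03-18T09:30:00 host1 sshd[107]: Failed password for dave from 198.51.100.7 port 40001 ssh2
2024-03-18T09:31:00 host1 sshd[108]: Accepted publickey for dave from 198.51.100.7 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse_line(line: str):
    """Turn one log line into a dict of fields, or None if it does not match the format."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def detect(log_text: str, threshold: int = 5, window: timedelta = timedelta(minutes=5)):
    """Correlation rules (hypothetical names) run over the log stream in order.

    brute_force:            >= threshold failures from one source within `window`
    success_after_failures: an Accepted login from a source already flagged above
    """
    alerts = []
    recent = defaultdict(deque)   # src -> timestamps of failures still inside the window
    flagged = set()               # sources that already triggered brute_force
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue              # unparsed lines are skipped, never silently counted
        src, ts = ev["src"], ev["ts"]
        if ev["result"] == "Failed":
            q = recent[src]
            q.append(ts)
            while q and ts - q[0] > window:
                q.popleft()       # expire failures older than the window
            if len(q) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append({"rule": "brute_force", "src": src, "count": len(q), "ts": ts})
        elif src in flagged:
            alerts.append({"rule": "success_after_failures", "src": src, "user": ev["user"], "ts": ts})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

In the sample, 203.0.113.5 crosses the threshold at 09:00:07 and then logs in as carol two seconds later, which is the event an analyst should see first; 198.51.100.7 produces two failures 29 minutes apart, which the sliding window correctly treats as noise.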
Cloud Patterns
- Cloud Patterns are a widely used concept for describing solutions to recurring problems in building reliable, scalable, secure applications in the cloud. The best examples are as follows:
- Azure https://docs.microsoft.com/en-us/azure/architecture/patterns/
- AWS https://aws.amazon.com/architecture
Data Lakes
- Building out a centralised repository for enterprise data, for tasks such as reporting, visualisation, analytics and machine learning - leveraging cloud partners to build out big data solutions.
A debate for another day
- DevOps and Open Source software are, and will continue to be, the main target for bad actors, because they hold the code (the crown jewels). Should such resources have locked or unlocked internet access? Unlocked access offers flexibility and agility; locked-down access has the stronger argument from a security perspective.
#Azure #AWS #CloudPatterns #Cybersecurity #OWASP #NCSC #DevOps #HorizonScanning #EthicalHacking #DigitalTransformation