Last week, blueAPACHE and Palo Alto Networks had the pleasure of hosting an intimate roundtable discussion with senior IT leaders of the Brisbane Law Firm community. Hosted at the Alchemy Restaurant & Bar, the attendees including blueAPACHE team members were joined by very special guest Sean Duca, the Vice President and Regional Chief Security Officer Asia Pacific of Palo Alto Networks.
The topic of discussion centred on how legal firms can obtain greater visibility and control across their network and gain a better understanding on the security gaps within their firm. It was widely accepted among attendees that it is not a matter of if they will suffer a data breach, but a matter of when, and therefore the focus should be on lowering the probability of a breach by improving protection, detection and response methods in relation to data protection.
However, the IT landscape in today’s Law Firms has become more complex; storing data not only in on-premise environments but in Private Cloud, Public Cloud, hosted applications (SaaS) and the devices of their mobile workforce. It was agreed that traditional security measures which only at the perimeter, or other ‘point solutions’, are not sufficient anymore.
Many of today’s stealthy, advanced and persistent cyber-attacks avoid traditional security measures throughout the attack life-cycle. It is becoming increasingly difficult to stay ahead of the curve when it comes to coordinating protection and response across multiple attack vectors. There were common challenges being experienced around end user education and staff self-awareness. Some believed that it’s everyone’s responsibility when it comes to being cyber-secure, whereas the counter viewpoint was it was the IT department’s responsibility to implement technologies that will protect users from themselves.
It was widely agreed that at the end of the day, there is no one silver bullet, but a combination or ‘tapestry’ of security layers that are needed to cover all potential security gaps. However, to understand what additional layers you require, first you need to understand the gaps that exist.
A big thank you to all who attended, it was a very enjoyable and informative event. For anyone who is interested in how you can assess the security gaps in your organisation, or joining a future roundtable discussion, please reach out to blueAPACHE.