Intellectual property law firm seeks IT risk and network vulnerability assessments to protect sensitive data

Our client’s need

One of the largest intellectual property law firms in the U.S. engaged Baker Tilly’s professional services and cyber risk professionals for an objective and independent assessment of its information technology (IT) processes and controls, as well as its IT security profile. These services involve working with extremely sensitive intellectual property data held by the law firm, as well as working with the firm’s tech-savvy user base. One of our client’s key priorities was to outsource the assessment to a trusted and reputable provider with deep industry experience.

Baker Tilly Solution

Baker Tilly’s professional services practice provides specialized accounting and advisory services to more than 100 law firms, many that are among the Am Law 100. Our client entrusted Baker Tilly’s professional services and cyber risk professionals to perform sensitive IT services because they were confident that they could rely on our in-depth industry experience, innovative operational ideas and customized service offerings.

For this engagement, Baker Tilly collaborated with leaders across functions—and at all levels—to facilitate pragmatic strategies from an enterprise-wide perspective. Using an integrated approach, we worked to make sure the client remained focused on the strategic landscape of the organization while we performed the following services:

• IT risk assessment: Baker Tilly provided risk-based recommendations for process and controls improvement related to IT governance, IT security and mobile device management.
• Network vulnerability assessment: Baker Tilly identified current state internal, external and wireless network vulnerabilities and weaknesses, as well as provided related recommendations for remediation. We also conducted limited, hands-on mobile device security testing.  

As a Valued Business Advisor, Baker Tilly clearly communicated to our client the current risks faced in their IT control environment, the recommended controls to put in place to mitigate those risks, the remaining risks (internal and external) after assessing the control environment and the consequence and likelihood of adverse events.

Results achieved

Baker Tilly helped our client gain an understanding of its strengths and weaknesses around IT security. Since this engagement was the first time our client had received an independent perspective, the Baker Tilly team actively took steps to ensure they had a positive experience with no interruptions to their daily operations. Baker Tilly believes the delivery of outsourcing IT security services should be a seamless process. Our professional services and cyber risk teams collaborate to add value for our clients by providing customized and creative strategies and actions that turn challenges into positive results—an approach that is especially aligned to the changing business needs of today’s law firms.

For more information on this topic, or to learn how Baker Tilly professional services and cyber risk specialists can help, contact our team.