Rethinking Technology Talent Structures

I spoke last week to a former Am Law 100 peer struggling to find new responsibilities for his skilled technicians due to the stability of recently implemented cloud-based firm software. Worried that his traditional IT staffing model may no longer apply, the CIO wondered what to do next? I replied this was to be expected and overdue, traditional technology roles and responsibilities need to be reinvented to meet the latest challenges for their firms and lawyers. There has never been a better moment to review the broader business goals and job functions of IT than after such a seismic acceleration shift in the global workforce.

Why hasn’t it happened already? Why do most firms rely on legacy staffing models for IT? Much of the problem is rooted in an archaic structure that has held fast since technology entered the workplace in the 1980s. Internal IT departments were typically set up and operated as a self-contained service provider to company personnel. Granted full control of technology and deference to such knowledge, they act like any other monopoly and maintained self-existence. Too often, internal IT operators fail to zoom out and recognize the key performance deliverables required by their firm’s practitioners and systems for the firm to achieve efficiency.

Reallocating or reducing headcount to achieve operational cost effectiveness is a worthy goal. However, one alternative notion to consider is the evolution of a service model traditionally used to provide lawyers with administrative assistance to one which meets more specialized technology needs. For example, firms can shift headcount FTEs to skilled technical resources with demonstrable expertise supporting the unique needs of the litigation practice, including pre-trial deposition, eDiscovery review tools, and evidence/exhibit presentation software for trials. All of these can provide far greater revenue value to the practicing lawyers group than a technology generalist resource/expense serving a broader audience.

The pandemic has forced lawyers to strengthen their technical skills during COVID-19. The roles of trainer, system administrator, application specialist, engineers, and many other long-standing IT positions must similarly transform to meet the new organization, including assessment and servicing cross-disciplinary practice needs. Those who do not risk obsolescence. This includes delivery of technical services that are remote-friendly and inclusive, offer a high degree of specialized knowledge toward law practice and can enhance business intelligence efforts to measure/increase profitability, establish realistic pricing, and boost firm profits.

Combined with an annual assessment of both a firm’s technical infrastructure and cyberdefense posture, the new paradigm offers management an opportunity to realign its technology strategy and initiatives to best meet marketplace demand and its own stakeholders’ needs.

Too often, “innovation” in the legal field is merely modest change trumpeted by the purchase and implementation of new technologies, collaboration tools, or pricing models, all of which typically meet resistance during adoption. In contrast, substantively increasing the overall IT service level to lawyers through realignment, replacement, or reduction of Human IT capital is sustainable innovation worth celebrating.

Cybersecurity: Prepare For Battle!

T o strike when and where an enemy is most vulnerable is a cardinal tenet of Sun Tzu’s Art of War, a strategy shared by cyber criminals looking to penetrate organizational defenses. The rapid expansion of the remote workforce has significantly increased the attack surface of corporate networks, creating multiple vulnerabilities for hackers to inflict chaos or to steal sensitive information for profit.

As a result, and realizing the last thing needed is further turmoil, cyberattacks are likely to rise heavily in number and severity over the coming months as workers continue to use unsecured personal devices across vulnerable home internet connections. Forecasts suggest traditional coerced ransomware decryption costs from businesses in the United States alone are likely to exceed $1.4 billion in 2020, a daunting figure that does not consider the destructive damage of wiper malware, a more severe type of encryption attack which cannot be reversed.

While every organization weighs cost and benefits of cybersecurity defense according to their own internal priorities, we regularly advise our clients that a key differentiator in limiting damage from an attack is the ability to act quickly and decisively. Central to defense is creating an operative Incident Response Plan (IRP) in advance to guarantee that any cybersecurity incidents which jeopardize the privacy of sensitive information are properly identified, contained, investigated, and remedied.

Such a Plan should evaluate scope and response to the applicable risk and underlying information value. Plan components should also be periodically tested to identify and correct gaps and implement pertinent recovery and reporting procedures. To achieve this, organizations should be wary of battling cyber adversaries only internally and enlist external expertise including professionals experienced in planning and response.

Establishing advance advisory relationships with external subject matter experts including a cyber insurance carrier, forensic discovery firm, public relations firm, consumer notification firm, legal counsel, and other service providers will ensure a ready team to deploy to support organizational leadership in response to a cyberattack or other crisis. Don’t be caught with your guard down, accomplish your cybersecurity preparedness now.