Information Assurance


Securing the Law Firm

by Shannon Simpson | Sep 12, 2013
CNS Group are today attending and presenting at the Securing the Law Firm event at the Marriot in Grosvenor Square. The event promises to be very interesting with a number of highly topical subject being raised.

CNS are pleased to be able to bring their experience in securing the law firm to the table and will be available at their stand through out the day to discuss our work, methods and services.

CNS Group gives firms access to the most dedicated experts in Information Assurance and IT Security. CNS’ aim is to guide an organisation to the appropriate level of Information and IT security for their business. This is possible as all Hut3 consultants have operational experience, so we appreciate that IA issues cannot be met with limitless budget or time. Our advice is pragmatic and designed to fit the individual business under consideration, while meeting the risk appetite or compliance need of the customer.

We typically tailor programmes for law firms that ensure that their sector and firm specific information security goals and compliance needs are met. Our analysis is delivered across all facets of a business and not just information technology e.g. physical, process, personnel and technology to ensure a balanced risk based approach is delivered effectively across your business in a consistent and cost effective manner.


ISO27001 is one specific area that CNS is currently assisting a number of law firms with. The need to gain full ISO27001 certification varies from firm to firm and often will depend on which sectors the firm is specialising in.  With more contract bid requests, particularly from the Government and Financial sectors, requiring that a firm is certified to the standard, firms need to assess the business impact of not going for certification. 

Whether a firm needs full ISO27001 certification or would like to ensure that their security is appropriate for their business needs, CNS can assist. 

Hut3 areas of expertise also cover the following:
§ Tailored compliance programs for Law Firms
§ Information Risk Assessment
§ Information Assurance Maturity
§ Acting as a virtual CISO
§ Technical Assessment – including CHECK and CREST testing services 

See our Case Study for our work with Bird & Bird here.