Extensive Testing on Company-wide IT Project with Minimum Disruption as Trusted Cybersecurity Partner to Burness Paull LLP

The Client

Burness Paull LLP (Burness Paull) is one of Scotland’s leading commercial law firms, acting for clients in the private and public sectors. The 500-strong, 59 partner firm works with clients across Scotland, the UK and globally in the key sectors of Corporate Scotland, Property and Infrastructure, Finance and Oil and Gas, from three offices in Glasgow, Edinburgh and Aberdeen.

The Challenge

Burness Paull‘s vision is to be the leading Scottish law firm in the world. Aligned to this it seeks to optimise its IT systems to ensure peak performance and optimum security.

Billy Kirkwood, IT director at Burness Paull, feels that in an increasingly connected world, security for businesses such as his is becoming an ever more sophisticated challenge, and so the firm’s response to these threats must evolve to keep pace.

He emphasised the growth of the issue in recent years: “The security of our clients’ data is absolutely critical. Cybersecurity is no longer a challenge limited to back office, but a general business challenge across the sector.”

Burness Paull’s clients are also conscious of potential threats to cybersecurity and as such seek reassurances that their data will be safe during any engagement with the firm. This is consistent with increasing regulation aimed at ensuring companies who handle customer data demonstrate a high level of cybersecurity risk management through process.

When Burness Paull launched a company-wide IT project, the firm knew it was imperative to find an independent expert advisor to analyse the venture from a cybersecurity perspective, in order to deal with any potential challenges. Commissum’s local presence, high levels of accreditation and excellent account management system contributed to its suitability for the task.

All work, including tests on Burness Paull’s IT network, was to be completed during normal working hours. It was critical that disruption to the firm’s everyday operations was kept to an absolute minimum, whilst ensuring comprehensive testing took place.

  • All testing conducted without disruption during regular office hours
  • Simple, high-impact changes recommended following initial work
  • User-friendly feedback reports allowed speedy, precise remediation
  • Excellent account management allowed work to take place without admin interference

Cybersecurity is no longer a challenge limited to back office, but a general business challenge across the sector. We are lucky that we came across Commissum, who have been helping us meet that challenge.

Billy Kirkwood, IT Director at Burness Paul

Service Provided

Commissum first carried out a thorough penetration test on the part of Burness Paull’s IT network that can be accessed from the internet. Despite the tests being carried out during regular business hours, Commissum ensured absolutely minimal disruption to the firm’s operations throughout.

After completing the testing process, Commissum provided a report with recommendations for follow-up. Burness Paull was impressed with the presentation and detail of the report, and thanks to user-friendly feedback, all issues highlighted were able to be dealt with promptly and proportionately.

Following this initial work, Billy Kirkwood thanked Commissum on behalf of Burness Paull, and recommended the consultancy be selected as a cybersecurity services partner for the firm.

Once corrective work of issues flagged in the initial report had been carried out, Burness Paull wanted to demonstrate their commitment to cybersecurity and elected to proceed with Cyber Essentials certification – a government-backed, industry-supported scheme that demonstrates organisations have implemented controls to protect themselves from the most common cyber-attacks. Burness Paull had noted that clients often asked whether it was certified against the scheme, and are now proud to be able to meet those queries with a positive answer, thereby tangibly demonstrating the firm’s commitment to cybersecurity.

Burness Paull appreciates Commissum’s efforts to put them at the forefront of any industry trends; following an initial engagement, Commissum and Burness Paull have worked together continually for more than 5 years.

Commissum are experts in helping organisations just like Burness Paull LLP harden their security. If you’d like to increase security at your law firm, please get in touch.