Law and Digital Order: Why Achieving ISO27001 Certification Is Merely The Beginning

As one of the leading legal firms in the technology space, Bird & Bird have successfully developed information security into a clear core competency and significant point of difference, as highlighted by their ongoing ISO 27001 accreditation.

We met with CTO, Karen Jacks, and Information Security Officer, Tim Collinson, to learn how they have built robust security into their firm’s DNA. We spoke with them about:

  • Embedding information security into a business
  • The benefits and challenges of ISO 27001 certification
  • Ensuring standards are maintained after certification
  • Reporting lines for a CISO

 

WATCH THE FULL INTERVIEWS BELOW:

 

 

Karen Jacks, Chief Technology Officer

1) How has information security changed the business in the last 5 years?

2) What would you say are the main benefits of implementing ISO 27001?

3) What advice would you give someone thinking of implementing ISO 27001?

4) Now that you’ve achieved certification, what do you see the challenges being going forward?

1) How has information security changed the business in the last 5 years?

 

2) What would you say are the main benefits of implementing ISO 27001?

 

3) What advice would you give someone thinking of implementing ISO 27001?

 

4) Now that you’ve achieved certification, what do you see the challenges being going forward?

 

Tim Collinson, Information Security Officer

1) What did you find were the biggest challenges implementing ISO 27001?

2) What were the key factors in successfully rolling this out globally?

3) Since certification was achieved, how have you ensured standards are maintained?

4) How do you see privacy impacting information security?

5) As a mature law firm, where do you see the biggest challenges coming from in the next 5 years?

6) Where do you think the role of the CISO should report and why?

1) What did you find were the biggest challenges implementing ISO 27001?

 

2) What were the key factors in successfully rolling this out globally?

 

3) Since certification was achieved, how have you ensured standards are maintained?

 

4) How do you see privacy impacting information security?

 

5) As a mature law firm, where do you see the biggest challenges coming from in the next 5 years?

 

6) Where do you think the role of the CISO should report and why?