Case Study by Damian Della Gatta - Chief Information Officer, Holding Redlich
The Background
Holding Redlich is a national law firm with offices in Melbourne, Canberra, Sydney, Brisbane and Cairns. We provide a complete range of legal services for clients of all sizes, including many of Australia’s largest public and private companies and all levels of government.
We approached The Missing Link in early 2020 to undertake a program of work initiated to meet the requirements of a number of our key clients and the ever-changing threat landscape. We wanted to demonstrate that we were compliant with the Australian Signals Directorate’s Top Four strategies, which are understood to mitigate at least 85% of the intrusion techniques the Australian Cyber Security Centre responds to.
This engagement also included an ASD gap analysis, penetration and vulnerability test.
The Goal
As Chief Information Officer, one of my greatest concerns is how to appropriately resource our firm with the expertise and knowledge to protect our critical assets including our information, our infrastructure and our people against the risks and impact of cyber-attack.
Selecting the right security partner to provide sound advice and expert services to support our team was extremely important.
The Selection Process
Engaging the services of the Missing Link was logical. Having previously engaged them while working with other organisations, I understood their expertise and work surrounding the Australian Signals Directorate Essential 8 and Top 4. Having heard members of their team speaking at legal tech conferences, I was also well aware of their very specific knowledge of IT security-relevant to the legal industry.
The Relationship
We engaged The Missing Link just as COVID-19 was causing the country to go into lockdown. Whilst not ideal circumstances in which to commence a significant project, The Missing Link’s senior team was very proactive, building a rapport with our team and identifying effective ways to work.
The Difference
The IT security space is enormous and it’s rapidly evolving. You can spend months analysing products and solutions available to meet your organisation's needs and objectives. As we wanted to reach a specific level of maturity quite rapidly, The Missing Link was able to step in and work with our team to provide the expertise and knowledge to achieve this.
They evaluated our security posture, compared us against ASD standards and provided the feedback and analysis to support their recommendations. They then helped cut through much of the industry noise to provide us with clear advice on the steps and solutions needed to meet our requirements today and into the future. Supported by a clear and concise proposal as a result of the thorough analysis conducted, this level of engagement and clarity from the outset of such a large and ambitious project enabled us to confidently progress the project quickly.
Our firm now has a well-defined security program and is able to operate in line with industry best practices along with continuing to meet the security expectations of our clients. We’re now in a better position to adapt to the ever-evolving threat landscape and of course, as our security, risk and governance requirements continue to change, we know we have the support of The Missing Link going forward.
