Major risks affecting legal sector considered alongside strategies for dealing with them
What are the top three risks affecting the industry that you work in at the moment?
Client and other confidential information is integral to the legal industry and three key risks we are focused on are:
- breaches to client information through in insecure use of bring your own device;
- compromises to internal processes and key information through social engineering; and
- unintentional disclosure of information through careless actions like losing laptops, or personal devices
all of which can lead to financial and reputational consequences.
What are you doing to manage those risks?
Education and awareness are a sound foundation for managing new and emerging risks. We are running communications campaigns in offices across more than 30 countries that we hope will bring a fresh and interesting introduction to these subjects, while also acknowledging government standards and guidance. We recognise that this is a dynamic area and we will need to keep this in focus using a variety of mediums in the future. We also appreciate that there is much to learn from people in the business with expertise and an interest in these areas – it’s important to be flexible and respond to feedback from the business on how best to deliver important messages.
What’s the biggest challenge that you’ve overcome as a risk manager?
Appreciating, recognising and responding to cultural differences when implementing policy and practice to firm standards across the globe. Personal engagement and understanding is key.
So what’s the biggest risk you’ve ever taken?
Moving to the UK on my own many years ago with just a backpack and a sense of adventure.
What is the most important lesson that you’ve learnt?
Listen to people properly and be inquisitive. Don’t prejudge any situation so that you are able to clearly hear the facts and see multiple perspectives. Be flexible and recognise there is often more than one right answer.
What wisdom would you share with other risk professionals?
Take the time to get to know the people you work with on a personal and professional level. Listen, interact, be involved. Understand what impacts the people in your business, rather than basing your work on purely academic or theoretical models or the models of others.
What are you most proud of?
Working with an amazing team of people who could manage any risk or crisis.
Tell us a secret?
I have finally fully embraced social media.
Karla Cruickshanks, risk and business continuity manager
No comments yet