Interview with Jay Harrington, Author of "The Essential Associate" Part 1

The Essential Associate, helps young lawyers not just survive, but thrive in today’s competitive law firm environment. It is a step-by-step guide for mastering both the practice and business of law, and includes the insights of dozens of successful lawyer, general counsel at Fortune 500 companies, and leading consultants to the legal industry.

Read More

Nimble Trends - 8 April 2018

Here's what's trending in the legal industry:

  • Is 2018 the year of the mega law firm merger?
  • Recently announced law firm mergers.
  • GDPR advice and guidance from the European Union.
  • Advice for interviewing in-house.
  • A recent study says that law departments want to add more lawyers but will they get the budget to do so?
  • And, much more.
Read More

Take the 2018 Nimble Legal Market Outlook Survey Now!

You are invited to take the 2018 Nimble Legal Market Outlook survey.  Please click here to take the survey now!

This year’s survey will take less than 8 minutes to complete.

We conducted our initial survey last year and it yielded some important key takeaways for law departments such as:

  • Law firms were much more optimistic than law departments about the demand for legal services in 2017.

  • Law Departments had these three topics as their top priorities in 2017:

    • Ethics/Compliance

    • Reduction of Legal Spend

    • Data Privacy and Security

To get the results of the 2017 Nimble Legal Market Outlook Survey click here

Please take this year’s survey and offer your insights into the 2018 Legal Market!









Nimble Trends - 30 January 2018

Here's what's trending in the legal industry: (1) General Counsel find that smaller law firms provide better service and are more innovative, (2) the traits and skills necessary for future lawyers, (3) a Gender Bias suit filed against a BigLaw firm, (4) the General Counsel is supposed to be a role model and moral leader, and (5) Legal Operations Chiefs are working with inadequate Legal Technology.  And More!

Read More

Top Insights from Industry Experts on Cyber Security and Legal Technology

Over 50 people attended the first ever Nimble Forum on September 14th where we had an interactive discussion on cyber security and legal technology.  

Read More

6 Relationships that Matter Most to Cyber Security

We learned some great stuff at our first Nimble Forum on September 14, 2017.  Here is the first of a few posts on the great discussions we had and the insight gained by all that attended.

Cyber security is a complex, multi-faceted problem.  There is not ONE owner, so many different departments across an organization have to come together to manage the risk.  It’s critical to be proactive and get these parties together and working to protect the organization BEFORE anything bad happens.  

1. Legal

Legal’s primary job in working to prevent a Cyber breach is to make sure all of the right functions are included and have a seat at the table.  Legal can help lead the group but Legal cannot effectively do all of the work on its own.   Facilitating data mapping (where are Personally Identifiable Information (“PII”) and Protected Health Information (“PHI”) stored), preparing a Data Breach Incident Response Plan, arming Supply Chain and HR with “Cyber Protection and Breach provisions” for every vendor or supplier contract that could involve PII or PHI, are all areas where legal has to take lead.  

2. Supply Chain

Managing the contracts with the suppliers who may gather and store sensitive data about your organization in the course of doing business.  When negotiating the contracts that define the business relationship, you have to think about how that data will be managed--language that governs how the data will be protected,  who is responsible and what is the process if the data is breached,  if the business relationship ends how/when must the third party destroy the data.  

3. IT

Information technology departments set the strategy for the technical side of protecting systems and data.  From firewalls to email filters, they try to keep the bad actors out of company systems.  They will know where all your internal data is. Hackers move fast--IT needs to stay educated.  And they should be involved any time data is going to be shared with a customer/supplier to be sure the third party has adequate controls.  IT should work with Supply Chain, HR, and Legal to audit the Information Security practices of all vendors and suppliers on a regular basis.   

4. HR

HR is accountable for some of the most super-secret data--PII--birthdates, social security numbers, etc. HR also has plenty of employee PHI.  It is essential that HR, IT, and Legal partner up on the TRAINING of the organization’s employees when it comes to Cyber Security.  Training is the most effective way to minimize Cyber threats.  HR should partner with each of the other functions listed to ensure that their internal processes and third party vendors are up to snuff.

5. Insurance and Risk Management (“IRM”)

IRM must be intimately involved in the drafting of the Data Breach Incident Response Plan.  In particular, working closely with Communications, IT, and Legal to develop a plan that has few holes.  IRM should lead the cross-functional team through annual Data Breach Incident tabletop exercises where representatives from each function act out how they would respond to an actual Data Breach.  This will help identify gaps and improve the organization’s ability to swiftly and confidently respond to an inevitable Data Breach. IRM must work with Legal and Supply Chain regarding Cyber insurance requirements the organization is requesting from its vendors and suppliers.  

6. Communications

Communications plays a key role in the internal and external statements regarding a Data Breach.  Communications working with HR and Legal should prepare draft internal and external statements regarding a Data Breach  Communications should identify any internal leaders that would perform well in front of cameras and under intense scrutiny.  It’s important to have those leaders identified now - not after a breach has already occurred.  Now is the time for training.  

Don’t wait for some other department to take ownership.  If your organization doesn’t have all of these functions, you should work with your third-party vendors that fill those roles.  Get the ball rolling and work together because a cyber breach is not the ideal time to make new friends.