With 2018 winding down we are reflecting on what a great year 2018 was! We’ll have a bigger announcement soon but our Blog recently won The Expert Institute’s Best Legal Blog for the Legal Tech category! We’ve heard the “12 Days of Christmas” repeatedly this month so as 2018 comes to a close here are Nimble’s Top 12 Blog Posts from 2018:
On September 26th at TalentLaunch in suburban Clevelad, we gathered 9 legal industry thought leaders (in-house counsel, law firm partners, law firm CFOs, and Plante Moran’s law firm practice partner) to discuss the pressures law departments and law firms face and how they can work together better. In attendance were various General Counsels, in-house counsels, Managing Partners of law firms, law firm pricing analysts, and members of various alternative legal service providers and legal technology companies.
Here are the highlights:
Back in January of 2017, we made 8 predictions about the legal industry for the upcoming year. You can read that blog post by clicking here. That was also our first ever blog post (sniffle, sniffle)! Is that the digital equivalent of a rookie card?
We gazed longingly into the Nimble Magic Eight Ball and tossed out these 8 predictions about the legal industry in 2017:
If your law department or law firm is still delivering legal services the same way it was doing it 10 years ago, you’re behind. Change is happening because purchasers of legal service are demanding it and innovative legal service delivery models have entered the marketplace.
On October 25, 2017, we convened our 2017 Nimble Forum on Legal Industry Pressures, Operation Efficiency, and Pricing Strategies. Our first panel had a thought-provoking discussion on Legal Industry Pressures and identified 8 Key Trends in the Legal Industry. The idea of this Nimble Forum was spawned by our 2017 Legal Market Outlook Survey. You can get a complimentary copy of those results here.
Our great panelists for this topic were:
- Teresan Gilbert-Chief Intellectual Property Counsel at Lubrizol
- Nancy Berardinelli-Krantz-VP and Chief Counsel, Litigation at Eaton
- Bill Garcia-Chief Practice Innovation Officer at Thompson Hine LLP
- Rebecca Grunick-Senior Director at Black Letter Discovery
The 8 Key Trends identified in the discussion are:
1. Law Department Budget Cuts. Law Departments are expected to “Do More With Less.” Law Department Budget is not coming back. The law department is expected to act like every other department and create efficiencies and help provide some return on investment. Sometimes this means creating self-help tools to enable non-lawyers to do some of the work that the law department used to do. Other times it means finding ways to use technology to automate tasks. Law departments and law firms are sitting on a lot of unmined data. By gathering the data and interpreting it, law departments and law firms can make many more strategic and prioritization legal spend decisions, which transitions nicely to #2.
2. Legal Operations. Law departments and law firms are sitting on a mountain of data. Lawyers need to adapt how they work and start to see some of what they do as a repeatable process. Every litigation has similar steps, a similar process. Each acquisition transaction is different in some way but, in general, the overall process is the same. There are organizations like CLOC (the Corporate Legal Operations Consortium), that are pushing for standardization of legal processes.
3. Innovation. From alternative legal service providers to legal technology to CLOC there is a ton of innovation going on in the legal industry. Each is innovating legal service delivery. The widespread adoption of these innovators has been slower than in other industries because lawyers are typically risk adverse. Law firms that partner with alternative legal service providers are seen as innovative and progressive by purchasers of legal service.
4. Talent Development and Management. It is not enough to be a “good lawyer.” Within law departments, the lawyers also have to be legal operations specialists. Business acumen is critical. You have to be able to provide strategic data and metrics to your business partners. Many senior lawyers are aiming to avoid change because they think they’ll be gone before they are forced to. Many younger lawyers are hungry for change and innovation. What does the role of a lawyer look like in 5 to 10 years? Will law firms hire a non-lawyer sales force? How are law departments and law firms developing their talent pools? What is the succession planning for baby boomers?
5. Diversity and Inclusion. Purchasers of legal service are serious about their commitment to diversity and inclusion and are ceasing to do work with law firms that are not showing a similar commitment. Eaton has a goal of one-third of their North American outside legal spend going to diverse firms.
6. Feedback and Continuous Improvement. More and more law departments are conducting a formal annual review process of their legal service providers. Law departments want their law firms to reciprocate with client satisfaction surveys and performance review meetings. Law departments are looking for true business partners that add value, continuously get better, and provide business intelligence. This is the type of relationship building they are looking for and not tickets to basketball games and concerts.
7. Convergence/Consolidation. Tied to #7 and the annual review process is the consolidation of legal service providers. This is an ongoing trend and the law departments represented on our panel talked about how they removed up to 10 law firms last year due to performance issues whether that be efficiency or what was viewed as a lack of commitment to diversity. Consolidation of legal service providers allows the law department to wield more pricing power soliciting larger volume discounts.
8. Cost Certainty. Purchasers of legal service are looking for cost certainty. That is not going to change. Law firms continue to struggle with budgets. “I need a number not a range.” Law firms are failing to proactively offer alternative fee arrangements. Meanwhile, law departments are getting more sophisticated with their data. They know what most types of matters should cost because they’ve mined that data. Law departments are looking for cost certainty and creativity when it comes to pricing. Proposing hourly rate structures in RFP responses is viewed negatively.
If you thought this discussion was great, come to our next Nimble Forum on Hiring & Culture: Best Practices. We have another great group of panelists. Click Here for more information.
If you looking to improve your legal service provider selection process, take a look at the Nimble Guide to the Legal Service Provider Selection Process by clicking here.
From the 2017 Nimble Forum on Cyber Security
On Thursday, September 14, 2017, we gathered a panel of six industry professionals to lead a panel on the topic of cyber security for our Nimble Forum. Cyber security is a trending topic due to the string of computer and ransomware attacks that have increased in severity and frequency over the past few years. Companies and individuals alike are more worried about being hacked and how to answer the new age question: how do I protect myself from a cyber attack?
Our fantastic panel included:
- Chris Clymer, Director of Information Security Systems, MRK Technologies
- Molly Drake, Senior Corporate Counsel, A. Schulman
- Pat Haggerty, Partner, BakerHostetler
- Barry Spencer, Special Agent, Federal Bureau of Investigation
- Ann Weinzimmer, Vice President and General Counsel, More Than Gourmet
- Jennifer White Visek, Vice President, Cyber, Tech E&O, Aon Risk Solutions
To get the discussion rolling, we asked each panelist what they believe is the “one thing” a company should be doing in order to limit their company’s cyber exposure. Their responses outlined the "one thing" they each believe to be crucial in protecting their own companies or their clients. Here are each of the points they made:
Take the time to know what information you're collecting and what you're sending out. Know your processes and where the holes might be.
Examine and look at your network hardware and computers, and then look at the people who access and can control them.
Understand where the risks truly are. Know where the data is and where there are possible exposure points.
Realize the threat is not just what is coming into the system. There’s a real threat of the information going out.
Know what you’re protecting. Most people are focused on the anti-virus and protection methods, not what they’re protecting. So know what are the assets you’re protecting.
Training. Phishing training for example. A lot of incidents/attacks are not super sophisticated and are actually common mistakes. It also helps to keep system logs for at least 1 year.
Just as each of their suggestions vary, you may realize there are not only many ways to be exposed to a cyber attack, but (take some comfort) there are many ways to help prevent and protect yourself and your company. Looking over this list, how do you and your company compare? Do you have any suggestions that you would add?
If you like these tips, or want to hear more about our next Nimble Forum be sure to subscribe to our mailing list at nimbleconsultingserevices.com/subscribe!
For more information on our next Nimble Forum click here.
We learned some great stuff at our first Nimble Forum on September 14, 2017. Here is the first of a few posts on the great discussions we had and the insight gained by all that attended.
Cyber security is a complex, multi-faceted problem. There is not ONE owner, so many different departments across an organization have to come together to manage the risk. It’s critical to be proactive and get these parties together and working to protect the organization BEFORE anything bad happens.
Legal’s primary job in working to prevent a Cyber breach is to make sure all of the right functions are included and have a seat at the table. Legal can help lead the group but Legal cannot effectively do all of the work on its own. Facilitating data mapping (where are Personally Identifiable Information (“PII”) and Protected Health Information (“PHI”) stored), preparing a Data Breach Incident Response Plan, arming Supply Chain and HR with “Cyber Protection and Breach provisions” for every vendor or supplier contract that could involve PII or PHI, are all areas where legal has to take lead.
2. Supply Chain
Managing the contracts with the suppliers who may gather and store sensitive data about your organization in the course of doing business. When negotiating the contracts that define the business relationship, you have to think about how that data will be managed--language that governs how the data will be protected, who is responsible and what is the process if the data is breached, if the business relationship ends how/when must the third party destroy the data.
Information technology departments set the strategy for the technical side of protecting systems and data. From firewalls to email filters, they try to keep the bad actors out of company systems. They will know where all your internal data is. Hackers move fast--IT needs to stay educated. And they should be involved any time data is going to be shared with a customer/supplier to be sure the third party has adequate controls. IT should work with Supply Chain, HR, and Legal to audit the Information Security practices of all vendors and suppliers on a regular basis.
HR is accountable for some of the most super-secret data--PII--birthdates, social security numbers, etc. HR also has plenty of employee PHI. It is essential that HR, IT, and Legal partner up on the TRAINING of the organization’s employees when it comes to Cyber Security. Training is the most effective way to minimize Cyber threats. HR should partner with each of the other functions listed to ensure that their internal processes and third party vendors are up to snuff.
5. Insurance and Risk Management (“IRM”)
IRM must be intimately involved in the drafting of the Data Breach Incident Response Plan. In particular, working closely with Communications, IT, and Legal to develop a plan that has few holes. IRM should lead the cross-functional team through annual Data Breach Incident tabletop exercises where representatives from each function act out how they would respond to an actual Data Breach. This will help identify gaps and improve the organization’s ability to swiftly and confidently respond to an inevitable Data Breach. IRM must work with Legal and Supply Chain regarding Cyber insurance requirements the organization is requesting from its vendors and suppliers.
Communications plays a key role in the internal and external statements regarding a Data Breach. Communications working with HR and Legal should prepare draft internal and external statements regarding a Data Breach Communications should identify any internal leaders that would perform well in front of cameras and under intense scrutiny. It’s important to have those leaders identified now - not after a breach has already occurred. Now is the time for training.
Don’t wait for some other department to take ownership. If your organization doesn’t have all of these functions, you should work with your third-party vendors that fill those roles. Get the ball rolling and work together because a cyber breach is not the ideal time to make new friends.
JOIN OUR NEXT NIMBLE FORUM ON OCTOBER 25, 2017 BY CLICKING HERE.