A Law Firm's Hiring Strategies for Handling New Security Concerns
- 01 November, 2011 08:44
- Comments
As CIO and managing director of Morrison and Foerster-ranked among the 50 largest law firms in the world by revenue-Neeraj Rajpal is responsible for implementing strategic and tactical global IT and for managing records initiatives for the firm's 1,200 lawyers in 16 global offices.
New regulations, such as the Dodd-Frank Act passed in response to the 2008 recession, have led to more stringent client audits and the need for Rajpal to add a new leader to the IT organization who understands business and technology. In this interview, Rajpal explains what drove the creation of this new role and what his strategy has been for getting it filled.
Morrison and Foerster recently created a new role: privacy, compliance and data security manager. What led to its creation?
We were seeing more stringent client audit requirements. In the past, a simple multiple-choice questionnaire would suffice. Today clients are asking for more-much more. They want to visit our data centers, interview our IT personnel and, in some cases, are asking to perform penetration tests to test the security of our network. They want to evaluate our access-control policy and data-security procedures and see how we protect our data-or, in many cases, their data. So you might say this was actually driven by our clients.
But you already had a privacy council and other governance in place. Why do this now?
With stricter regulations around data privacy, clients are growing more and more concerned about the use of external service providers. They are shortening their list of preferred providers and want to partner not only with those that provide the best legal advice, but also with those that take privacy and risk management seriously. IT is now an enabler to the practice, a true partner in every sense of the word.
What characteristics and experience will you look for in this new hire?
First, this position will report to me. But the skill set is not limited to just IT or an understanding of what is happening on the infrastructure side. The ideal candidate will have experience working with the front office and will understand the regulations and governance issues affecting global businesses.
What was the process you went through internally to get approval for this new position?
I worked with the risk-management committee, the head of the data privacy practice and the privacy council. The firm takes these issues extremely seriously, so this was a relatively easy sell.
What industry experience or personal characteristics are required for this person to be successful?
You have to possess strong relationship management skills, as you will be interfacing with lawyers within the firm and, sometimes, external clients. As we are a partnership, coming from a professional services background will be a plus. [That experience makes it] easier to understand the culture and environment you will be working in.
What experience will you be looking for on the technical side?
It is difficult to find people who understand both technology and what runs the practice. Understanding governance issues and how regulations might affect us are important requirements for this position. An individual must possess IT security management experience and the Certified Information Systems Security Professional or Certified Information Security Manager certification.
Phil Schneidermeyer is a partner in the New York office of Heidrick and Struggles, where he specializes in recruiting CIOs and CTOs for all industries.
Read more about hiring in CIO's Hiring Drilldown.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Bookmark this page
- Share this article
- Got more on this story? Email CIO
- Follow CIO on twitter
-
Apple aims iPads at High Schools
-
Face Time - Interview with John Brennan and Robert DiStefano
-
Google Jumps Into Social Bookmarks Game
-
NBN build gaining momentum daily: Quigley
-
Face Time - Interview with John Brennan and Robert DiStefano
-
A Technical Overview of the Oracle Exadata Database Machine and Exadata Storage Server
Businesses today increasingly need to leverage a unified database platform to enable the deployment and consolidation of all applications onto one common infrastructure. Whether OLTP, DW or mixed workload a common infrastructure delivers the efficiencies and reusability the datacenter needs – and provides the reality of grid computing in-house. Read on. -
HP ePrint Enterprise mobile printing solution
The merger of mobile devices and cloud services has become one of the most significant enablers of business productivity and innovation in the past decade. We now hold the power of communicating and computing in the palms of our hands, nearly anywhere business or life takes us. However, one key business process has eluded the mobility movement: printing. Even the most technically enabled business travelers find themselves hunting down print services while on the road and interrupting IT managers when visiting a branch office simply to print a document. But finally, a truly mobile print experience is available—helping enterprises to drive business productivity further. Read more. -
Optimizing Data Quality in the Enterprise - How to Tackle Your Bad Information
Data quality – the measure of data accuracy, completeness, and consistency across a business – has become the core focus of information management efforts among many of today’s organizations. Problems with data quality continue to plague corporations of all types and sizes. In this paper, we will discuss some techniques companies can implement to enhance data quality across the entire enterprise. We will also highlight data quality management solutions, which provide businesses with the ability to effectively and economically enhance the correctness, completeness, and consistency of information in each and every system within their technology infrastructure.
Get exclusive access to Invitation only events CIO, reports & analysis. 
Comments
Post new comment