Pentera

Bristows LLP adopts Pentera for enhanced ransomware resilience

Bristows LLP is a full-service international law firm. Specialising in life sciences and technology, the firm has always prioritised adherence to the highest standards in confidentiality and data protection for its clientele. With the largest data protection practice in Europe, Bristows LLP has consistently demonstrated its commitment to safeguarding client information.

The challenge: escalating ransomware threats

Cybercriminals are becoming increasingly sophisticated, and law firms – the gold mines of confidential information – are prime targets for ransomware attacks.

For Bristows LLP, the reality of these escalating threats necessitated a proactive security strategy. The firm was focused on not just understanding, but also testing how prepared they were to handle a ransomware attack. They needed to ensure that their existing security measures were functioning as required, and to verify the effectiveness of their security policies specifically against ransomware threats.

“We never assume that our security layers are optimised. We always validate.”

Chris Jory | IT Manager, Bristows LLP

Solution: Pentera’s automated security validation

In response to growing ransomware threats, Appurity introduced Bristows LLP to Pentera’s automated security validation technology.
Pentera’s approach is unique: it simulates real-world ransomware attacks within live environments, providing a detailed assessment of vulnerabilities and potential damage. This allows for a comprehensive understanding of the ‘blast radius’ and actual exploitation of weaknesses in the firm’s cyber defences.

Moreover, these real-world scenarios are played out fully in Bristows LLP’s production environment, so they have complete visibility of the full penetration potential of an attack and which assets would be exposed to the most risk.
With this visibility, Bristows LLP can ensure that its security infrastructure is working as expected against real-world ransomware strains. Any new tool or change to their system can be tested and validated, at any time of day, to ensure resilience against ransomware threats.

With Pentera, Bristows LLP now has a continuous monitoring system of its security estate – allowing the team to observe and respond promptly to changes in their security environment. Within two weeks of implementing Pentera’s solution they were able to make adjustments to improve their security posture.

The firm can now pinpoint areas of critical risk, assess AD credential strength, determine which vulnerabilities are actually exploitable, and ensure there’s no misconfiguration across their estate.

“We have worked with Appurity for a number of years on a multitude of security projects. The team works closely with many legal firms so they thoroughly understand the challenges we face, and the regulatory and ethical requirements to protect sensitive data without negatively affecting our fee earners’ and partners’ user experiences. Appurity’s knowledge of Pentera’s technology, and how to assess ransomware risks, means that we can work closely with them post-implementation, getting the best out of the solution.”

Chris Jory | IT Manager, Bristows LLP

Implementation

  1. Real-time penetration testing
    Pentera’s solution enables Bristows LLP to conduct ongoing, real-time penetration testing. This provides continuous insight into potential vulnerabilities, and continuously monitors the effectiveness of their security protocols.
  2. Risk management
    The firm can effectively manage its IT infrastructure against various threats. Pentera’s automated and regular reporting offers clear insights into existing security gaps, along with actionable recommendations for improvement.
  3. Validation and efficacy
    More than just identifying vulnerabilities, Pentera ensures that all security measures implemented by Bristows LLP are effective and resilient against potential attacks.

“We’ve worked with the team at Bristows LLP before to secure and manage their iOS devices, so we know how seriously they take security and data protection. When we spoke to the team about introducing a security validation solution that could safely emulate real-world ransomware attacks in their environment, we knew that Pentera would be the perfect fit. What’s really impressive about this solution is how the Bristows team can run validation tests whenever – they no longer have to rely on manual penetration testing that gives them a health check of their security posture at a single point in time. If they want to make a change to their environment, they can test its performance straight away. It’s a game changer for legal firms looking to evaluate the strength of their security infrastructure against dangerous ransomware threats.”

Steve Whiter | Director, Appurity

About Appurity

Appurity delivers best-in-class security solutions for legal firms of all sizes, endpoint to cloud, emphasising robust mitigation of sophisticated threats — including ransomware. Appurity’s expertise in bespoke security design ensures compliance with standards like ISO 27001 and Cyber Essentials Plus, enhancing both the security and efficiency of legal operations.

A key Appurity service offering is their Automated Security Validation (ASV) service, tailored specifically for law firms to test defences against ransomware attacks such as LockBit. By emulating real-world attacker behaviours and aligning with the MITRE framework, Appurity ensures a comprehensive evaluation of a firm’s cybersecurity resilience. This service provides regular, on-site validation of security controls.

In addition to ASV, Appurity employs advanced technologies and security frameworks like Zero Trust Network Access (ZTNA) and Secure Service Edge (SSE). Appurity is also an Android Enterprise Silver Partner and member of the Apple Consultant Network.

Appurity’s specialist security and management solutions enable fee earners to maintain high productivity using platforms and applications like Microsoft Teams and iManage, while ensuring the protection of sensitive corporate data and reinforcing the firm’s overall security posture.

Contact us about Security Validation

Share This Story, Choose Your Platform!

Ready to talk?

Confirm you are a human *

We're committed to your privacy. Appurity uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Statement.