Case Study

Whiteford Taylor Preston

Whiteford Taylor Preston is a business law firm in Baltimore, Maryland. Established in 1933, the firm specializes in commercial, financial and transactional issues, including business formation, capital raising, mergers and acquisitions, recapitalizations and reorganizations, corporate succession planning and liquidity events. The IT team has a staff of 11 handling both traditional help desk and network administration and engineering in house. That staff serves 375 employees in total, approximately 200 attorneys and their office support staff. Whiteford Taylor Preston became an ID Agent customer in 2016, shortly after the company’s founding.

“We use it as a marketing tool. When we tell our clients that we take cybersecurity and information protection seriously, it might set us apart from other law firms that they might be considering. Clients are starting to get smarter about understanding that law firms have a lot of their sensitive information, so they want to know what you are doing to protect that information.”

Neil Cotherman Director of Information Technology, Whiteford Taylor Preston

Company: Whiteford Taylor Preston www.wtplaw.com
Industry: Legal Services
Headquarters: Baltimore, MD
Established: 1933
Interviewed: Neil Cotherman, Director of Information Technology

The Challenge

Each attorney in the firm is essentially running their own microbusiness in the form of their law practice. Not all attorneys and their staff are well-versed in cybersecurity best practices and could be engaging in potentially problematic behavior like password reuse, which is a common habit for many people. This issue introduces potential compliance challenges at a time when the client base is becoming more conscious about information security and privacy.

Goals of Whiteford Taylor Preston-ID Agent Business Relationship

  • To secure sensitive data
  • To monitor and mitigate password reuse concerns
  • To provide cybersecurity support for interconnected legal practices
  • To increase compliance to data security regulations and best practices
  • To demonstrate to clients that the firm takes information security seriously

The Solution

Neil and his team use Dark Web ID to benefit the firm in two important ways. Dark Web alerts and reporting empower his team to identify credential compromises, getting users to reset passwords before they are used for unauthorized access. Dark Web monitoring is also a valuable marketing tool to use with prospects who are considering the firm, to demonstrate the firm’s commitment to information security.

Dark Web ID empowers IT staffers to check if the flagged passwords comply with the firm’s password policy, verify if a credential is legitimately stolen or compromised, and address that vulnerability fast. The compromise reports give the IT staff data they can then utilize in conversations with employees who may not be up to date on cybersecurity best practices, educating them about the dangers of password reuse and recycling. Clients also find the firm’s use of a dark web monitoring service a comforting confirmation that they are choosing a law firm that takes the security of their information seriously.

Other Benefits from Partnering with ID Agent

Dark Web ID has a direct effect on the firm’s cybersecurity insurance costs, lowering premiums. It streamlines the access control process by alerting staffers to compromised credentials in time to avoid a cybersecurity incident by having those credentials changed.

Whiteford Taylor Preston also utilizes Dark Web ID as a marketing tool when referencing the firm’s security practices.

Learn how to gain peace-of-mind with Dark Web ID.

Book a Demo

“It allows us to respond favorably on applications for things like our cybersecurity insurance, where it has a potentially direct effect on what our premiums will be in a given year. The more stuff we have to try and keep things safe, the lower risk we are and the lower our premiums are.”

Neil Cotherman Director of Information Technology, Whiteford Taylor Preston

“I think ID Agent gets the stuff in a more timely manner than Have I Been Pwned. You'll get it through ID Agent before it makes its way to a public source like that. Time is of the essence for this kind of stuff.”

Neil Cotherman Director of Information Technology, Whiteford Taylor Preston

Looking Forward

The firm’s IT team is beginning to explore security automation and managed SOC solutions as potential options to further strengthen its security posture.