November 07, 2014

How to Prepare for a Cyber Security Breach in the Big Data World

Visibility into contract data means being able to mitigate the effects of a cyber attack. 

We’re living in the brave new world of big data. It’s here, it’s real and it’s already changing our lives in awesome ways. With all of its potential, though, comes the fear that the vast stores of information institutions hold will be used for malevolent purposes.

The news has been filled with stories about data breaches, DDoS events, and other IT attacks. A quick flip through recent headlines recalls the punishing hacks of EBay, Home Depot, Verizon and P.F. Chang’s. According to Forbes’ assessment of the first half of 2014, “Criminals are stepping up their game and data breaches are becoming both common and devastating.”

As shown by the high-profile – not to mention highly embarrassing – breaches of the past year, even the biggest organizations cannot completely shield themselves from a cyber-attack or data breach, the risks of which are too obvious and numerous to mention. After implementing oversight/prevention strategies (outlined here by the Department of Homeland Security) the best thing executives can do to mitigate risk associated with cyber threats is to be prepared for them.

Far too many organizations have no idea which contracts contain terms addressing IT security breaches, let alone how the language varies across those that do. In the case of breach, there is no time to analyze what may potentially amount to thousands of contracts before taking action. Thus, corporations must prepare in advance in order to combat the risks associated with a cyber attack. According to a recent Corporate Counsel article, this means being proactive by “prioritizing resources and investments for reviewing vendor contracts and specific clauses addressing the risks relating to privacy, cyber security, data breaches and other cyber risks.”

Understanding what’s in your contract portfolio means you are equipped to create a strategy complete with plans of action that can be decisively and rapidly implemented. Only with access to complete contract knowledge through mechanisms such as best in breed contract management and discovery software, will response teams be able to find contracts relating to the specific type of breach, identify the contingencies stipulated in the contract, and work on remediation efforts to lessen the impact of the attack. “They also will be able to proactively determine which contracts the organization has that don’t include adequate breach or notification language,” the article continues. “This language is critical when determining a proper response. For example, if a breach occurs, does the breach meet the preagreed definition of a breach? If it does, what are the notification requirements? Are there other actions you’ve agreed to on a one-off basis, or is it part of your template?”

Your cyber security preparedness efforts will do more than mitigate loss in the unlikely event of breach: they will demonstrate to investors, partners and clients that your organization takes security seriously, and they will give your team the peace of mind to forge bravely ahead. 

October 30, 2014

Are You Afraid of the Dark?: Manage Risk Through Visibility

The scariest part of this Halloween season might be what’s lurking in the dark.  

We’re not talking about spiders and skeletons, ghouls or goblins; we’re talking about all the important – dare we say critical – information about your business that is kept hidden in filing cabinets, inboxes and shared drives. That’s right: contract data. The phrase alone may be enough to send chills up the spine of every General Counsel and Chief Compliance Officer in companies where contract data remains buried, disregarded, left for dead.

Indeed, far too many companies do not have any useful or meaningful way of analyzing the data in their legacy and active contracts – those common yet complex mechanisms by which nearly all of your external and internal affairs are governed. And when you have no way of knowing what and how many contracts you have, where you have them and what they say, you are exposing yourself to the most bone chilling word in today’s business world: risk.

One way to bury risk is to gain visibility into your company’s existing processes, knowledge and data. Visibility is the light bulb in the basement, the candle in the attic, the flashlight in the graveyard, the car keys in the abandoned truck with a full tank of gas.

How does one go about gaining the visibility that equates to adequate risk management?
The first step is to understand what is going around within and around your business. From a contract perspective, this means you have to do what was previously unthinkable. The task of manually compiling and organizing all of your company’s contract data is a terrifying one and rightly so. According to an oft-cited statistic from IACCM, the average global 1000 corporation maintains and manages over 40,000 active contracts. Manual contract creation and archiving? Manual searching and reporting? Downright bloodcurdling.

Adopting tech-based strategies such as contract lifecycle management tools with reporting, trigger and workflow capabilities, will work wonders for increasing both efficiency of and insight into existing processes. But according to CEB’s Risk Intelligence Quarterly: Q2 2014, visibility is more than just knowing what you have, it’s knowing how to use it.

The key to successful risk mitigation, according to the report, is tying data to goals. This is the real-world equivalent of using a cell phone to call 911 when the land lines have been cut by the prowling serial killer: it doesn't make good TV, but it does mean survival.

Visibility into contract data can go far beyond knowing when to renew a contract to activate a discount or being able to quickly locate non-standard, high-risk clauses. It can mean understanding the true worth of certain projects and partnerships. It can mean understanding the value of departments and individual employees. When metrics are extracted to answer specific questions, contract data can be a hugely important source of light.

Don’t let yourself fall victim to the darkness. This Halloween, turn on the light by adopting successful strategies to gain insight into the data at your fingertips, lest risk come knocking on the window…

October 21, 2014

Upcoming Webinar: What is Contract Lifecycle Management?

Contracts serve as the backbone of the modern business. They contain nearly all the information you need to be able to assess the health of your business and your business relationships, both internal and external. The best Contract Lifecycle Management (CLM) solutions available today not only automate contract creation, they import key data points from legacy contracts, so you can search, sort, share and report on the data of your entire contract portfolio.

In order to better explain what we mean by "the best solutions," we're hosting a free webinar on CLM. Think it might be interesting?

Are you...

        unsure where your contracts are or how many you have?
aware that you could be giving more to and getting more from your contracts?  
losing time and money on inefficient, manual-heavy or nonexistent contract management? 
blinded by lack of visibility into your contract data or frustrated by the bottlenecks of sales contracts in the legal department? 
interested in learning more about about how you can organize and share information with colleagues and how it can help your bottom line?
If you answered yes to any of the above questions, or just simply want to know more about CLM, you are invited to join us on Wednesday, October 29th at 12pm EST (5pm GMT).* The webinar will be free, brief and objective. 
Led by Grant Ramsey, our VP of Global Solutions (and all around great guy), this introductory yet deep-diving session is perfect for those who have never heard of CLM, have seriously explored implementing a CLM solution, or are at any stage in between. 
To register, click here.
*If you can't make it to the live webinar, register anyway to receive a link to the recording.

October 09, 2014

What's Wrong with Contract Management Software?

With time, CM software vendors will grow to
match the breadth of the existing opportunity.

In a recent post on his blog, Commitment Matters, Tim Cummins of IACCM observes that, while the usage of contract management (CM) software has increased substantially in recent years, it hasn’t quite lived up to the original hype. As a CM software company, we agree that many vendors and companies alike have been slow to recognize the full range of potential benefits from CM. Instead, vendors have specialized on one or two dimensions of CM – such as centralized storage or speedy drafting – while neglecting other parts of the contract lifecycle. The degree of customization thought necessary to meet individual corporation’s unique needs has often led to a cumbersome end-user experience, which discourages use, thus undercutting the inherent value of the solution.

But before you resign yourself to an eternity of contract blindness, there is hope. Many companies actually do get many things right. Tim mentions some areas – here in quotation – that he claims could jumpstart adoption, namely:

Data: “Contracts are a great untapped bastion of data.”
o   This is the crux of what so many CM vendors have been missing. Companies seeking a CM solution could do so much more than simply organize and structure their contract portfolio. Why would they settle for mere organization and efficiency when they could use CM software to gain access to the wealth of data imbedded in their contract terms in order to achieve better insight into all areas of the enterprise, from sales to HR? As we’ve written about this topic before, we won’t go in depth here, but feel free to check our previous post about how contract data adds value across the business. In short, a company’s contracts contain virtually every piece of important information about an enterprise and its clients, interactions, vendors, employees, assets, obligations, and sales; putting that information to work by analyzing this embedded data means unprecedented insight, which means more power and less risk.

Relationships: “Contracts are related to relationships.”
o   Historically, CM solutions have neglected to appreciate the legal complexity inherent in contract management. A vendor may have assumed, for example, that a contract is simply a transaction between two parties, while failing to recognize multilateral contracts, the legal distinction between parties and third parties, the concept of principal and agent, and the fact that one document can spawn multiple contracts. But just because recognizing the relational nature of contracts isn’t the norm doesn’t preclude some of the best vendors from appreciating that contracts are not static and separate from the context in which they operate.

Complexity: “Contracts are interdependent.”
o   This is part of the bigger point that contracts are messy, complex, and inter-reliant. Understanding contracts depends on understanding the way documents such as amendments, master agreements, statements of work and purchase orders interact with them. It depends on understanding renewals, assignment and novation. But most of all, it depends on recognizing that, contrary to what many people might naturally assume, contracts follow very few rules and are indeed a tool for bending and shaping rules, which means that only the best vendors are able to model them as structured data.

o   One thing that Tim did not mention in his post, but that we think is worth mentioning, was the failure of many CM vendors to adequately automate the creation and negotiation processes. When these are improved on sell-side contracts, the perception of CM can shift from a cost-reducer to a real revenue generator. When, for example, CM software can signal certain contracts for preapproval, salespeople are equipped to push through those urgent, hard sales without wasting time – and potentially losing an opportunity – by handing the contract over to legal to be drawn up, reviewed and/or approved. Often being the first to present a great contract means the difference between walking away empty handed and walking away with a sale.

We have always appreciated that the true value in CM was more than merely in organizing clutter and speeding up burdensome processes – the key is helping companies deal with the multilayered complexities of their entire contract portfolio and lifecycle while gaining unlimited visibility into contract data. While, as Tim mentions, much of the industry is still too narrowly focused on meeting customer demand rather than shaping demand based on innovation, it is still early days. As he points out, there is still “a massive market opportunity;” big steps are being made all the time, and we remain excited about the places we’ll go.  

October 07, 2014

Using Tech to Reduce Paper Use: Why It's Crazy Not To

Law firms use ridiculous amounts of paper. A study from a few years ago estimated that a single attorney in the U.S. will use up to 100,000 sheets per year – that’s nearly 400 pages per workday. 
And that’s crazy.

Sustained awareness campaigns over the last few decades have led to a significant shift in public attitudes towards our personal responsibility to protect the environment. We all know the environmental impacts of paper are obvious, from deforestation to pollution from paper factories. In case you need a refresher, the EPA reports paper makes up 40% of the total waste in the U.S. Even recycling can be a source of pollution due to the sludge produced during de-inking. So in this day and age, when recycling is the norm and electric cars are cool, why haven’t legal departments caught up?

It could be that lawyers love paper – it’s what they’re provided with and expected to provide; it feels familiar in their hands; it’s safe, easily read and marked up; they can take it home; they’re used to it. Courts may be similarly resistant to alternatives to single-sided, hardcopy filings and submissions. Thus, in an industry built on paper documents, run by people trained with paper documents who answer to courts expecting paper documents, reducing paper use will clearly require a change in mindset.

The sheer will to “go green” hasn’t been enough of a motivator for large numbers of firms and departments to significantly change their paper-loving ways. If "doing the right thing" isn't quite enough to instigate change, why don’t we look at it as doing the right thing by both Mother Nature and the bottom line? This shift in thinking away from paper may be facilitated by exploring the array of positives associated with “going green.” According to an article by South University, “Going green may be a popular PR move, but for many businesses, taking green initiatives to cut down on waste helps them run more smoothly, efficiently, and maybe most importantly, cost effectively.” 

Technologies that aid in going paperless result in a number of residual, direct benefits. Implementing tried and true tech initiatives such as electronic billing, e-discovery, document automation and contract management mean less money spent on paper, printing, envelopes, postage, filing and archiving. It means records can no longer be lost by fire, flood, misplacement, or coffee spillage. Centralized electronic document repositories mean more efficiency, organization and possible collaboration among attorneys, teams and offices. Locating important documents or data would entail a simple repository search rather than a desperate dig through filing cabinets. Electronic, centralized filing systems – often included in document automation and contract management software – mean no more piles of poorly organized legacy documents, research, cases, contracts, forms, memos and filings.

Less waste, less spend, less inefficiency, less carbon footprint and more desk space? Cutting down on paper is a no brainer. Beyond fulfilling law firms’ obligation to give back to the community and serve the greater good, reducing paper use is a win for the environment, hardworking lawyers and the bottom line of the firms and businesses they work for. 
It’d be crazy not to.

Blog Rankings

Technology Blogs - Blog Rankings