*Reassuringly dull cyber security e: info@normcyber.comt: +44 (0) 203 855 6215

Case Study: Chambers and Partners


Chambers and Partners, the global leader in production of legal rankings, entrusts Norm’s Cyber Security as a Service to safeguard its customer data and protect its systems.

Chambers and Partners has established itself as a global leader in legal research and rankings. The company uses its 200+ strong team of research analysts, and a process of extensive telephone and in-person interviews with general counsels, to produce the rankings of both legal departments and individual lawyers.

18 months ago, the organisation began a journey of digitisation, which involved changing the way the company works, its products and its go to market strategy. Chambers and Partners now recognises itself as a data company, placing ever greater importance on the security of its systems, and making the integrity of its clients’ data paramount.

On joining the business in 2018 James Lee, the new Chief Technology Officer carried out a full review of all aspects of the IT environment.

“As part of this, I wanted to better understand our overall information security position, and where we were on our information security journey. We’re a business that places utmost importance in protecting and securing our customers data. We take this extremely seriously. As such, we wanted to ensure that we didn’t have any gaps and / or vulnerabilities,” says Lee.

“Our review showed we had many key elements in place, but there were still opportunities to enhance and widen our coverage; we also wanted to ensure we deployed the latest, best-in-class security solution,” he says.

After a thorough tender process, a shortlist of the three most suitable vendors was made.

“Norm provided the most compelling proposition, it offered a cohesive end to end solution, coordinating on our behalf. This contrasted with the approach from other vendors, where point-based solutions placed the burden on us to pull various strands together.” he adds.

Norm’s service incorporates a comprehensive range of information security solutions including: Password Manager, Phishing Awareness, Penetration Testing, auditing, gap analysis, compliance for ISO 27001, GDPR and Cyber Essentials PLUS, virtual data protection services, anti-virus and anti-malware, and 24/7/365 Threat Detection & Security Operations Centre Support (SOC).

Lee points out several key benefits of Norm’s suite of services.

“Outsourcing the data protection services, has allowed us to hook into Norm’s expert knowledge in the area of GDPR and compliance, which goes above and beyond what you would typically expect. It has allowed us to put in exceptionally high-quality contracts and protections around the things we do and the services we offer,” says Lee.

Meanwhile, the 24/7/365 SOC has meant that the company could detect things outside of core hours, with threats being picked up, managed and resolved quicker than they would have been historically.

Lee also adds that Norm’s penetration testing layer has enabled Chambers and Partners to better identify and understand how vulnerabilities could be further exploited; allowing the company to prioritise preventative measures.

Appointing NormCyber as our virtual DPO has given Ferrero the best of both worlds – access to data protection experts who understand what we stand for as a business, without the hefty overheads usually associated with appointing an in-house DPO.

Harpreet Thandi
Regional Counsel, UK & Ireland, Ferrero

We were looking for a virtual DPO service that offered all of the benefits of a fully qualified data protection lawyer, without the overheads of an in-house hire. The DPaaS solution from norm. has been invaluable in helping us to ensure we respect the integrity of our customers’ personal information, while using it to continue to deliver differentiated products and services which support our growing customer base.

Mike Whitfield, Compliance Manager

CSaaS allows me to step away from multi-vendor management as the Security Operations Centre coordinates all of the technology for me.

David Vincent, CTO

We were in the market for an independent Data Protection Officer service that was well versed with both UK and EU regulators. We’re thrilled to have acquired this service knowing that an expert is available 24/7.

Suzanne McCabe, Head of Project Management
James Hambro & Partners

Norm’s penetration testing layer, along with the suite of CSaaS modules has enabled MA to exceed all its audit requirements for its major clients.

Rob Elisha, ICT and CRM Manager
Montreal Associates

The speed of your Data Protection Officer’s response was very impressive – it was far quicker than I would have expected even from an in-house DPO

Will Blake, Director of Technology and Analytics
CRU Group