Here Chris Labrey, Managing Director UK & Ireland for Econocom talks to Finance Monthly about the management of long term payment models and how they can play a part in the implementation of cyber security measures.

If businesses have learned anything over the past few weeks, it is that the issue of cyber security has never been more important. Despite the severity of the WannaCry incident — which started off affecting numerous NHS trusts across the UK and evolved into something that affected computers in more than 100 countries — it was a stark and much-needed reminder that no business can truly count themselves as safe, no matter the area or industry.

For those working in the legal sector, the unfortunate truth is that they are more vulnerable than most. On a daily basis, lawyers, barristers, solicitors and more are dealing with highly confidential information — the kind of information that is extremely valuable in the eyes of online hackers. If these individuals were able to infiltrate IT systems and seize this data, the consequences of it being leaked could be disastrous.

With this in mind, it is essential that all law firms put sufficient security measures in place, but there are several obstacles that make this process more complicated than many first anticipate. Firstly, the necessary tools for comprehensive protection often require a significant capital expenditure investment, and many firms struggle to pay this without any negative financial repercussions. What’s more, it is not uncommon that this money comes straight from the pockets of the partners, which results in additional strain for those looking to take a proactive stance against the cyber threat.

Even if the majority of firms could afford to pay the considerable one-off payment to protect themselves, they often fail to consider whether they have the sufficient resources to manage and maintain these various tools and systems. Security is not an automated service —it requires staff that are on-hand to monitor and detect any potential vulnerabilities and then decide on the appropriate action to resolve the issue.

However, flexible payment-over-time models represent a solution that makes the process of deploying these security measures much easier — a solution that reflects our 21st century ‘renter society’ sensibilities, and is being realised by security-conscious law firms. Just like many of us pay for our mobile phones or cars in monthly instalments, the legal sector is beginning to reap the many benefits of using such a model to pay for cyber security protection.

Firstly — and perhaps most obviously — the model means there is no need for a large, one-off payment if businesses want to guarantee protection: instead, the cost is divided into smaller, more manageable chunks that are paid over a pre-determined period of time. Suddenly, the financially-induced headaches that many partners and firms suffer from are alleviated, allowing them the freedom to breathe and implement these new measures without any disruption to regular operations.

Payment-over-time models are also extremely valuable thanks to their flexibility. As the cyber threat continues to evolve and hackers devise new ways of infiltrating IT systems, businesses within the legal sector can continually refresh and future-proof their security measures to ensure they are constantly protected. Outdated systems can be swapped out for state-of-the-art replacements, without having to make another potentially crippling capital expenditure investment.

Fast-growing businesses within the legal sector are understandably wary of spending any significant amount of money on IT systems, especially if they find themselves doubling the size of their workforce in 12 months and find that the systems they spent so much money on are no longer sufficient. Payment-over-time models eliminate this problem entirely, as they allow businesses to scale their estate up or down according to specific business needs and requirements. This approach allows businesses to match the investment costs with the business benefits over time.

The threat of cyberattacks is only going to continue to evolve over time, and so the legal sector is left with no choice but to invest in the relevant security measures to protect themselves. If they fail to do so, they risk enormous financial and reputational damage, as well as the obvious loss of any data that is seized in the process. While putting these measures in place might have previously been tough for many law firms, the popularisation of payment-over-time models is the much-needed lifeline that they need to survive during these tough times.