Three Trends that will Shape Legal GRC in 2022

Three Trends that will Shape Legal GRC in 2022-01

With the legal framework continuously changing with respect to governance, regulations and privacy, keeping an eye on the latest developments in the sector can help to strengthen the cybersecurity strategy.

Long-viewed only as an afterthought, the increase in the number of data breaches has brought cybersecurity regulations to the forefront of the organizations and customers. For executives, particularly for CISOs, the increase in number of regulations has meant that they operate in a stringent environment.  This has also driven the demand for governance, risk and compliance.


Simon Whitburn, General Manager and Vice President of International Business, Exterro believes that it has resulted in the process of managing such a diverse set of GRC actions that has become increasingly complex and the strategy and approach to this has seen huge changes.

“While most organizations are familiar with GRC in the context of departments such as HR, IT and finance, we are now seeing a growth in demand for Legal GRC, with legal leaders in particular, being faced with much of the orchestration and complex interconnections of legal operations, digital forensics, data privacy and cybersecurity compliance,” says Simon Whitburn. Therefore, organizations and especially CISOs should keep a close attention on the latest trends that will shape the Legal sector.

Also Read: Top Five Security Predictions to Look Out for in 2022

Here are three trends that they should watch out for while they move ahead in 2022.

  • Artificial Intelligence (AI) will transform legal GRC by helping to sharpen the focus and direction of investigations. 

Simon Whitburn, General Manager and Vice President of International Business, Exterro states that

advanced computer processing techniques, together with Natural Language Processing (NLP) and deep learning will be used in other disciplines that come under the legal GRC banner, such as digital forensics. “These processes typically share many of the same evidence processing and review stages as used in e-discovery,” says Simon Whitburn.

“In the forensics process, AI is currently being used for tasks such as image labeling to eliminate time spent on repetitive tasks but we expect it to give rise to truly smart technology during 2022. The emergence of a ‘virtual partner’ who can work alongside the investigator promises to transform working practices. The virtual partner’s role will go beyond simply expediting tasks, to reveal contextual insights across the data. It will even be able to guide the investigation, helping to significantly reduce workloads and shorten time to resolution,” adds Simon Whitburn. 

  • Post-breach incident management will become ‘smarter’ making it easier to demonstrate defensibility 

As per Simon Whitburn, General Manager and Vice President of International Business, Exterro, “Smart review processes will enable teams to quickly locate Personally Identifiable Information (PII) within compromised data.” He believes these processes will be self-learning so will become more adept over time at recognizing specific data types. “Smart analysis will also provide the ability to view live data directly at the endpoint. This will ensure faster, more targeted investigations that give teams everything they need to quickly understand and respond to even the largest of breaches,” says Simon Whitburn.

“Having a quicker, more robust and effective post-breach response process has now become necessary in order to comply with the various global data protection regulations, like the GDPR in Europe. Having the right technology in place can help to proactively identify risks prior to incident and categorize into different levels of consideration for review and action. Automation will also ensure breach management keeps pace with any regulatory changes, such as those we saw to GDPR in the form of a new Data Protection Act post-Brexit,” adds Simon Whitburn.

Also Read: Wave of Industrial Cybersecurity Legislation: What CISOs need to know

  • Forensics in the Cloud 

“The cloud brings both opportunities and challenges to digital forensics,”


says Jonathan Shorter, VP of International technical Engineering, Exterro. He further adds that while investigators know the cloud hosts a wealth of information to help fight crime, provide evidence, and solve cases, that’s true only if they can get their hands on the data to analyze. “In our survey ‘The Future of the Public Sector’, data collection was the biggest challenge in cloud-based investigations, followed by cooperation with cloud providers (65%), preservation of the data (49%), chain of custody (37%), and identification (40%),” says Jonathan Shorter.

“As data collection in multiple cloud platforms continues to grow, we expect that digital forensics investigators will need to remain steadfast in their diligent and exhaustive efforts to collect, cull, analyze, categorize, and find patterns in data that become the conclusive evidence to solve crimes. As more and more data is stored everywhere, forensic technologists must have the capabilities to deliver greater stability, almost limitless scalability and real-time collaboration in the cloud,” adds Jonathan Shorter.

For more such updates follow us on Google News ITsecuritywire News