Cybersecurity Awareness Training for Legal Services Firm


The legal sector is one of the most challenging when it comes to compliance. Its landscape changes constantly, and clients hold firms to a higher standard, expecting a workforce fluent in regulatory policies.

This legal services firm has over 200 employees and several locations across Asia. Its CTO manages a Cybersecurity team and chairs its Information Security Committee, which is responsible for securely holding the private corporate data of clients in the regions it serves.

Right-Hand’s Compliance Readiness product has played a big role in our journey towards ISO27001 certification. Within a few weeks of distributing our ISO27001 training, our employees achieved a 100% pass rate.


Chief Technology Officer


As often seen in other companies globally, their employees reported receiving Business Email Compromise (BEC) cyberattacks through phishing emails impersonating senior executives. 

The imminent risk of employees falling victim to these scams forced the team to implement a comprehensive cybersecurity awareness program for its employee population.

Besides the ongoing threats reaching their employees’ inboxes, their Cybersecurity and Compliance team prioritizes data privacy and regulatory compliance. 

Therefore, they decided to pursue an ISO27001 certification, which required compliance and cybersecurity awareness training for its entire employee population.

Why Right-Hand

Right-Hand’s Phishing Readiness, PhishArm, Training Readiness, and Compliance Readiness products delivered as Managed Services seamlessly matched the legal firm’s cybersecurity and risk governance needs.

Right-Hand adapted and customized its existing training modules to fit the firm’s needs more closely than standard cybersecurity training modules would.

“With Right-Hand’s Managed Services offering, we can leverage their expertise to deliver cybersecurity awareness, while at the same time provide specific training modules that map to our corporate GRC policies, all through the same platform,” reported their CTO.

Through its Managed Services offerings, Right-Hand’s Customer Success team has been helping this legal firm save internal resources by developing cybersecurity and compliance training modules according to their unique strategy and rapid growth.


With Right-Hand’s Phishing Readiness’s phishing simulation templates and Training Readiness’s training modules delivered as Managed Services, this legal firm has measured its employees’ risk scores and raised cybersecurity awareness across the organization.

“If you’re looking for a cybersecurity training platform that can be further extended to other internal training requirements and provide ease of dissemination and reporting, then I would recommend Right-Hand’s offerings,” noted the CTO.

Moreover, to support the firm’s journey to attain ISO27001 certification, Right-Hand has delivered ISO27001-ready training packs to the entire organization, spreading awareness of its policies and controls across its rapidly growing team.

“We have received a great deal of help and regular follow-up from Right-Hand’s Customer Success team, saving us time on setup, onboarding, and execution. It’s been a great partnership,” reported the CTO.


This client currently utilizes Right-Hand’s Phishing Readiness, PhishArm, Training Readiness, and Compliance Readiness products delivered as Managed Services.

Through Phishing Readiness and Training Readiness, Right-Hand’s Customer Success team creates customized spear phishing simulation content and puts together monthly training campaigns for all of the legal firm’s employees. The monthly frequency is intended to drive long-lasting behavior change.

“Training Readiness’s content can be easily edited to fit the messaging and tone of our company, and the distribution of these to the wider organization has been painless,” shared the CTO.

Besides highly positive feedback from employees, the legal firm’s Cybersecurity and Compliance team now registers a 90+% completion rate for each training module delivered to its staff.

“Phishing Readiness and Training Readiness help us save tremendous time internally, and the extra layer of eyeballing and human review is much appreciated. The phishing simulations created a stir within the company, which in turn boosts employees’ vigilance to look out for such attacks,” noted their CTO.

To complete this bundle, Compliance Readiness delivered as Managed Services has helped them convert their policies. Anti-Money Laundering, Personal Data Protection Act, and Code of Conduct policies became easily consumable, bite-sized, and gamified training modules in just a few clicks.

“Our original intent with Right-Hand’s platform was to tick off requirements relating to ISO27001 training awareness, and it satisfied that requirement greatly. We now use Right-Hand for all our policy training needs, which lends itself to scoring other goals such as the Data Trustmark Protection certification, AML/Compliance requirements, and SOC2 in the future,” according to the CTO.
