With increased digitization, the threat vectors to enterprises have increased from physical to cyberspace. It has become important for enterprises to adopt the right technologies that not only ensure cybersecurity but also compliance requirements when it comes to maintaining data privacy. The complexities of data privacy regulations have given impetus to the adoption of legal GRC technologies that are helping enterprises to comply with the regulations and laws. Exterro is the industry’s first provider of Legal GRC software, which unifies e-discovery, digital forensics, cybersecurity, compliance, and privacy to drive successful, defensible outcomes for in-house legal, IT teams, privacy, and law enforcement worldwide. In an exclusive interview with SmartStateIndia, Rajkumar Manickam, Sales Director South Asia at Exterro, discusses the importance of legal GRC technolgies and also shares insights on Exterro’s growth plan in India.
Here’s an excerpt from the interview:
How is Exterro helping government and law enforcement agencies with its Legal GRC solutions?
Most governmental agencies across the globe are our users. From the biggest corporations to governmental agencies, law enforcement and the intelligence community use our solution. Nearly 90% of central and state law enforcement departments in India use our products, especially our flagship digital forensics software. Digital forensics has massive potential in the country because everyone has a digital footprint. For instance, the investigation into tax evasion, money laundering, or any financial crime begins with gathering a suspect’s digital footprint and digital forensics can help law enforcement gather the evidence they need.
With so much data, there are significant areas of risk not just for companies but for governments to deal with as well. Our SaaS-based platform leverages the power of data, without all the associated risks. We help governments deal with data privacy issues, cyber compliance issues, litigation management issues, privacy issues, forensic investigation aspects, and a variety of other things.
What are the trends/concerns you are observing that enterprises should be prepared for with regard to data privacy and cybersecurity compliances in near future?
Although the PDPB is in the works in India, organizations have been gearing up to ensure they can navigate a changing regulatory environment once the privacy bill is enacted. Theoretically, privacy legislation is expected to build trust among stakeholders, since they will be able to see what kind of data is available for use. There are challenges to this as different industries have pre-existing regulations and compliance requirements. For instance, the regulatory requirements for various manufacturing sectors, the IT sector, or the BFSI sector are different. Understanding these regulatory requirements and how it intersects with the protection of personal and non-personal data is critical. From a cybersecurity standpoint, regulatory compliance is constantly revised and the challenge for businesses is to keep up with them. Technology makes the job easier as it is programmatically designed to be customized. Technology that is automated to identify the compliance requirements will help organizations follow necessary protocols. If organizations need to gear up for the upcoming PDPB, investing in the right GRC tech can help them weather the storm.
What are the benefits a business gains from using Exterro Legal technology solutions?
Exterro’s suite of Legal GRC software is the only comprehensive platform that automates the complex nature of privacy, legal operations, digital investigations, cybersecurity response, compliance, and information governance. Thousands of legal teams across the world in large corporations, law firms, government, and law enforcement agencies have integrated our software to manage their risks and drive successful outcomes at a very competitive cost.
Exterro has partnered with leading legal service providers and consulting organizations. Our technology partnerships in areas like matter management and legal review help our clients leverage previous investments while still integrating next-generation Exterro technology. Exterro’s service and consulting partnerships allow clients to partner with e-discovery, data privacy, digital forensics, incident response, and compliance experts to develop customized internal processes, making our platform scalable and easy to operate. This reduces the time-consuming legal processes, making them more efficient.
From your perspective, how mature is the market for legal technology solutions in India? Also, besides big enterprises, should MSMEs be adopting Legal GRC solutions?
The adoption of legal tech is at its nascent stage in India but has massive growth potential. In 2022, with just a 10% penetration level, the size of India’s legal tech market is the US $380 million. The legal tech market is expected to grow at a rate of 35% annually over the next few years. This is largely because more than half of Indian businesses intend to automate their legal processes.
Considering that every business, be it small or big, is required to follow regulatory and compliance norms, digitalizing legal processes can help businesses reduce costs. Legal tech primarily aids and supports various portfolios and interconnects corporate legal departments, law firms, and the authorities — regulatory and statutory bodies, tribunals, and the judiciary. Manually driving legal processes can be expensive and exhaustive for small businesses. Legal tech can resolve a lot of issues seamlessly.
What will be your advice or mantra to an organization that is planning to opt for Legal GRC solutions? What prerequisites should they do in-house before adopting the solution?
The first and the most important aspect organizations need to look at is knowing the company’s existing GRC expertise and experience. While operations may sail smoothly during the sales and procurement process of new technologies, the real battle begins once the “go-live” phase begins.
Most employees of GRC product providers mostly have a basic understanding of GRC concepts. Organizations have to ensure that the GRC tech providers they choose have a comprehensive understanding of the sector, with stellar expertise and experience. Businesses must gain insight into the types of cases GRC service providers have resolved and also take stock of the clientele of said service providers.
The end goal of any GRC platform is to manage risk effectively and efficiently, while also meeting compliance requirements, thereby aligning with the business objectives. On a higher level, organizations need to understand the potential risks and threats that need to be addressed and remediated. They must also take stock of all governmental regulatory compliances they need to adhere to and the right GRC solution can help them to achieve this on a primary and prerequisite level.
What are your plans for the Indian market, and what are your focus segments for business expansion in India?
There is a common perception that when it comes to technology, India is the center for developers. But Exterro broke this cycle. We have a full-fledged innovation engine based out of Coimbatore where our Research & Development center is located. Exterro’s roadmap includes inaugurating another center in a tier-2 city. Exterro also plans to hire more talent over the next few years, especially from tier-2 and tier-3 cities including first-generation learners, people from single-parent homes, and more importantly women. We believe diversity in hiring can lead to innovation — which is in Exterro’s DNA.