Case study: Bodman PLC Strengthens Cybersecurity Posture with Stridon's Risk Assessment

Company Overview
With more than 170 attorneys in offices throughout Michigan, Bodman PLC has delivered extraordinary results to clients for nearly 100 years.

Bodman PLC offers a broad range of legal services across industries including finance, healthcare, real estate, technology and government. The firm focuses on understanding its clients’ businesses and the markets they operate in to deliver tailored legal solutions.

The Opportunity
Bodman PLC is a respected law firm known for its deep commitment to strong client service, compliance and effective business operations. As cyber threats to the legal sector grow, the firm took proactive steps to strengthen its cybersecurity and protect sensitive client information.

The firm aimed to align its practices with the CIS Critical Security Controls – a globally recognised framework that help organisations prioritise and implement cybersecurity best practices.

This initiative was part of a broader strategy to strengthen digital resilience and operational excellence. By adopting a control-based framework, the firm aimed to identify gaps, prioritise remediation efforts and establish a roadmap for continuous improvement in cybersecurity maturity.

“Our goal was to move beyond basic compliance and take a strategic view of cybersecurity. We needed structure, clarity, and a plan we could track against.”
J Adam Behrendt, Member, at Bodman PLC

The Challenge
Before engaging with Stridon, Bodman PLC faced several challenges including:

  • Security controls had been implemented over time, but not consistently assessed or benchmarked.
  • It was difficult to prioritise risks or remediation efforts without a structured framework.
  • Internal reviews highlighted areas of concern, but there was no reliable way to measure progress or risk exposure.
  • Growing scrutiny from clients, regulators, and insurers meant Bodman PLC needed greater confidence in its security investments.

The firm needed a standardised, measurable risk assessment that would clarify its current position and set out a practical path forward.

The Approach
Stridon worked in close collaboration with Bodman’s leadership and IT team to deliver a comprehensive cyber risk assessment aligned with the CIS Critical Security Controls.

The process began with a detailed discovery phase to understand the firm’s existing security landscape, business priorities and regulatory obligations. Stridon’s long-standing partnership with Bodman PLC allowed the team to quickly navigate the firm’s operational context, technology environment and risk appetite, thus enabling a faster assessment process and highly tailored engagement from the outset.

Using the CIS Controls as a benchmark, Stridon:

  • Conducted document reviews, interviews and technical validation of security practices.
  • Applied the CIS Risk Assessment Methodology (RAM) to assess implementation maturity, threat relevance and business impact.
  • Delivered risk scores that clearly prioritised remediation needs.

The final output included a detailed risk assessment report, an executive summary for senior leadership, strategic recommendations and a treatment plan aligned with business priorities, to guide the firm’s ongoing cybersecurity improvement efforts.

“Stridon’s deep understanding of our environment and their structured approach to risk assessment made this process both efficient and insightful.”
Wesley Peterson, Director of Information Technology and Security Operations, at Bodman PLC

The Value
The risk assessment delivered by Stridon provided Bodman PLC with

  • A clear picture of its cybersecurity maturity, benchmarked against a trusted framework.
  • A prioritised list of actions to close key gaps.
  • A strategic, phased roadmap for remediation, allowing the firm to allocate resources effectively and address the most pressing risks first.

Stridon’s practical recommendations helped the firm shift from a reactive security posture to a more confident and proactive stance.

“The CIS Controls framework gave us a clear benchmark, but it was Stridon’s guidance and collaborative style that helped us turn assessment into action. We now have a focused treatment plan and the confidence to move forward.”
Wesley Peterson, Director of Information Technology and Security Operations, at Bodman PLC

Stridon continues to work collaboratively with Bodman PLC to support the implementation of the treatment plan, ensuring that changes are delivered with minimal disruption and maximum impact.

Why Stridon?
Stridon has worked with Bodman PLC for around five years, gaining a strong understanding of the firm’s environment, challenges and goals. This helped deliver a focused and efficient risk assessment and continues to support long-term success.

“Working with Stridon feels like an extension of our own team. Their institutional knowledge and practical recommendations have helped us elevate our cybersecurity maturity significantly”

Wesley Peterson Director of Information Technology and Security Operations at Bodman PLC
Transforming business performance, through people and technology.
+44 (0) 20 3006 2140 ideas@stridon.co.uk
The Frames
Unit 1.04
1 Phipp Street
LONDON
EC2A 4PS
© 2026 Stridon. All rights reserved.

Message us

Message us to get in touch.