Company Story
Mid-sized law firms serving regulated and institutional clients are under escalating external scrutiny. Insurance carriers are restricting coverage. Client audits are becoming more aggressive. Yet most firms at this stage do not have dedicated executive security leadership.
Oxley Cyber Advisors was founded to address this gap. With over 25 years of experience leading IT and security inside law firms — rising from technical roles to CIO/CISO — David Oxley understands both the technical and operational realities of legal practice, including the critical need to avoid disrupting billable work.
Our Mission
We believe small and mid-sized law firms deserve access to executive-level security leadership without the cost of a full-time CISO. Our mission is to help firms build defensible security programs that protect revenue, client relationships, and institutional credibility.
David Oxley, CLM | Fractional CISO
David brings 25+ years of hands-on experience leading IT, security, and compliance inside law firms. His background includes:
Direct ownership of audits, client compliance, cyber events, and insurance claims
Security rating elevation (BitSight: 570 → 790; sustained SecurityScorecard A rating)
Successfully securing contested cyber insurance payouts
Leading 25+ regulated client audit responses annually
Board-level communication and strategy approval
Infrastructure modernization with risk control (highly available / redundant infrastructure, firm-wide VDI, CIS Benchmarks implementation)
David holds the Association of Legal Administrators’ Certified Legal Manager (CLM) designation as well as ISACA’s Certified Information Security Manager (CISM) certification. He has served in leadership roles within ALA and it’s Minnesota Chapter, ALAMN, where he is recognized as a security authority among legal operations professionals.
He is not a governance-only advisor — he has implemented security controls himself and understands what works in professional services environments under real client scrutiny.
