Cybersecurity and data privacy were potentially the most hot-button issues this past year, aside from generative AI—which had significant implications of its own in both areas. In the cyber realm, we saw a huge uptick in law firm cyber attacks, and legal tech companies were not spared in the new wave of hacking. Ransomware groups like LockBit, CLOP and BlackCat/ALPHV were increasingly on the prowl in 2023, exploiting vulnerabilities in software like MOVEit and demanding high ransom payments.

At the same time, the protection of private data came under intense scrutiny, with significant activity in the regulatory space. The patchwork of U.S. state data privacy laws continued to expand, with a uniform national standard yet to emerge. Internationally, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework after two prior invalidated agreements.