Cybersecurity is a double-edged sword for law firms. Vulnerabilities in firms’ internal data security present an unprecedented existential threat, while increasing corporate demand for legal expertise in information security, compliance and incident response provides an emerging revenue growth opportunity. Primarily drawing on the results of the second annual ALM Intelligence Law Firm Cybersecurity Survey, this report consists of two parts: Threat and Opportunity.
The Threat section takes a sobering look at the state of preparedness in the legal services industry. The report examines the progress, or lack thereof, that law firms have made in coming to terms with the continually evolving cybersecurity and data privacy landscape.
The Opportunity section, grounded in both the survey results and ALM Intelligence’s proprietary law firm financial and demographic data, explores the development of cybersecurity as a practice area. It includes an analysis of the current market’s cyber-related legal services as well as a forecast of future conditions.
Notable findings in the report include:
- More than 70% of firms report that their clients have exerted pressure on them to increase internal data security;
- Law firms are more confident than ever in their ability to withstand a cyberattack;
- Many firms have failed to build out partnerships and protocols that would provide dependable protection and robust response to a data breach;
- Worse, more than 50% do not regularly conduct fire drills to test the efficacy of their plans;
- More than 85% of Am Law 200 firms identify as having a practice group dedicated to issues of data privacy and security;
- More than 40% of firms with a cybersecurity practice group expect to grow their headcount in the next year.
Since last year’s publication of the ALM Intelligence report, Cybersecurity and Law Firms: Ignorance Is Risk, the issue has only intensified. The fallout after high-profile incidents like the hacks that unearthed the Panama Papers and internal Democratic National Committee emails continues to demonstrate the stakes involved. Last year’s report revealed details of an industry caught flat-footed and trying to play catch-up. Though the current edition paints a picture of a sector awake to the threats and opportunities presented by data security, for some law firms, it may be too late. For others, time is running out.
To download the report, click here.