Many cyberattacks are increasingly simple for bad actors to launch. At the same time, larger organizations are steadily becoming more difficult to infiltrate, forcing hackers to target smaller organizations that often have less sophisticated defenses. Over the past several years, these two trends have combined to put organizations with high-value data on notice, no matter their size. Hospitals, retailers, municipalities, government entities, even credit bureaus have all taken their turns dealing with significant data breaches. Now, law firms, with their highly confidential records, are being regularly targeted.

Since 2020 organizations across the legal profession, from law firms with less than a half-dozen attorneys to firms with more than 500, from city bar associations to state courthouses, have reported cyberattacks compromising their confidential information. At the same time reports continue to show law firms continue to be slow to protect themselves to cyberattacks compared to businesses in other industries. State and federal regulations, as well as basic attorney ethics standards, require that law firms be faster in adopting technology to thwart cyberattacks.