A new survey from ALM Intelligence found that vulnerabilities in firms’ internal data security pose an unprecedented threat, however the ever increasing demand for legal expertise in information security, incident response and compliance provides firms with an exceptional opportunity for growth.
One of the report’s key findings was that more than 70% of firms report that their clients have exerted pressure on them to increase internal data security, somewhat unsurprising given the increasing sophistication of cyber-attacks and the sensitive and confidential nature of information often handled by law firms.
Worryingly, many firms have failed to build out partnerships and protocols that would provide dependable protection and robust response to a data breach, and more than 50% do not regularly conduct fire drills to test the efficacy of their plans.
However the report also found that more than 85% of Am Law 200 firms identify as having a practice group dedicated to issues of data privacy and security, and more than 40% of firms with a cyber security practice group expect to grow their headcount in the next year, suggesting that many view the specialism as a significant area for revenue growth.
Daniella Isaacson, co-author of the report and ALM Intelligence Senior Legal Analyst concluded that “Our research indicates that most remain surprisingly unprepared for the threat. For example, many never test their cybersecurity protocols. This means that on the day of a breach, those firms are using an unproven response plan.” So as internal cyber security continues to become an ever more important factor in legal purchasing decisions, firms will need to ensure that they have sufficient and demonstrable cyber security measures, not only to facilitate the expansion of their cyber security practice but also their firm as a whole.