Cybersecurity Spending on the Rise in 2019

As data security challenges continue to escalate, many law firms and corporate legal departments are upping their efforts to strengthen cyber defenses and minimize risks. More than three-quarters of lawyers (76%), recently surveyed by recruiting firm Robert Half Legal, said their organization plans to increase spending on cybersecurity-related resources over the next 12 months. None of the respondents planned to decrease spending.

With the increasing prevalence of cyberattacks and online security issues, many legal organizations are taking proactive measures to better anticipate threats and protect sensitive client data. Recent laws such as the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act of 2018 (CCPA) also are top concerns for legal teams.

These new data privacy mandates are placing more accountability on companies for protecting consumers' personal information, and many will face large fines if they fail to do so. Lawyers are collaborating closely with their technology, human resources, marketing and business development colleagues to help ensure their organizations remain compliant and, ultimately, competitive.

Legal organizations recognize they are a particular target for cyberattacks due to the high volume of sensitive information they maintain. For example, consider the significant volume of valuable data that law firms and corporate legal departments of all sizes hold — intellectual property agreements, contracts, customer, supplier and financial information, research on potential corporate mergers, evidence in potentially high-stakes litigation cases. In the wrong hands, such valuable and confidential information could prove costly to organizations and cause irreparable damage to their brand and reputation.

Should a law firm lose a client's confidential data to an attack, it could face serious legal and ethics violations as well. Law firms are not only a source for client data, they can provide hackers a possible gateway directly into clients' systems.

Additionally, cyberattacks are on the rise and data security challenges continue to escalate. As a result, legal organizations are implementing more proactive and sophisticated security measures to better anticipate threats and protect sensitive data.

With legal organizations increasing their data security initiatives, job growth in these practice areas has also increased creating a high demand for security and compliance specialists:

• Risk assessment, data privacy and cross-border data transfer initiatives are creating demand for legal professionals with experience in these matters. Experts in cybersecurity policy, procedures and training programs are also highly sought.
• Companies are engaging experienced compliance administration specialists to stay current and meet government regulations. Much of the hiring is being driven by new federal and state regulations related to healthcare, lease accounting and data privacy.

Along with hiring specialists to help with cybersecurity risks, there are other tools and resources legal departments can deploy:

• Updated data management systems: the budgets for cybersecurity are expanding and include a broad range of new system resources.
• New security software: Companies and law firms also are bolstering their technology-based security defenses, including software to enhance threat monitoring and detection, security assessments, risk analysis, penetration testing and monitoring services, security awareness training and security metrics.

It's imperative that legal organizations continue to monitor the regulatory landscape to address changing laws regarding obligations to secure and protect confidential and personal data they possess from misuse, theft or exposure to unauthorized individuals.

*****

Debra Frank Montero is regional vice president of Robert Half Legal, the premier provider of experienced project and full-time professionals for law firms and corporate legal departments in South Florida.