Cybersecurity Survey Findings for Law Firms

This document is a report detailing the findings from the ILTA/Conversant Group Cybersecurity Survey of law firms. The survey reveals that while many law firms are adopting appropriate cybersecurity solutions, they often do so in a disjointed manner, leading to a 'Whack-a-Mole' approach to security. The report highlights that 87% of firms have implemented some form of automated endpoint protection, yet only half utilize traditional antivirus solutions, and a mere quarter employ comprehensive protection strategies. Furthermore, while 75% of firms have Multi-Factor Authentication (MFA) in place, 35% lack defenses against lateral movement, which is critical for preventing unauthorized access within networks. The report emphasizes the need for law firms to adopt orchestrated security controls and configurations to create a layered defense strategy. It suggests that firms should focus on comprehensive assessments to identify gaps in their security posture rather than merely complying with regulations. This report serves as a key takeaway from a broader cybersecurity benchmarking survey conducted in collaboration with the International Legal Technology Association (ILTA).