Through the Looking Glass: Legal and IT’s Different Views on Cybersecurity Preparedness

by Giulianno Lopez


A recent Ponemon Institute study revealed that 68% of all organizations were victims of successful endpoint attacks that compromised data or IT infrastructure in 2019. Of these breaches, 80% were new or unknown attacks, which exploited unspecified vulnerabilities or used new malware that detection solutions do not recognize. Since any organization could be a hacker’s next target, how secure is your business? It might depend on who you ask.

According to the Special Counsel Data Breach Response survey released in April 2020, legal departments and IT professionals view their organization’s cybersecurity preparedness very differently. While 87% of the 250 corporate IT professionals surveyed said their companies were either “very prepared” or “extremely prepared,” only 55% of the 150 corporate attorneys agreed with IT. In comparison, the remaining 45% were decidedly more cynical.

Whose view more closely mirrors the truth? According to Aaron Duncan, Vice President of Discovery Services at Special Counsel, “I think it’s closer to the legal professionals in that they see more of the reality of the situation instead of just the numbers.”

One reality is the time it takes to identify and recover from a breach. While 86% of the IT decision-makers estimated that it would take three days or less to identify and respond to a data breach, 63% of the attorneys responding said it would take more than one business week to detect and react to an infringement. According to the survey, the average time to identify a breach was 206 days in 2019, with an average response time of 73 days.

Another discrepancy between the departments was the perceived cost per exposed record following a data breach. While 75% of lawyers put the cost at $50 per record, IT professionals estimated that the expense would likely land somewhere between $0.50 and $25 per record. However, both appeared to be a gross underestimation. In the report, Special Counsel listed the U.S. average cost to be $242 per lost record.

Bridging the Gap

The key to bridging the knowledge gap between legal and IT may lie in various places, such as:

  • Staffing: Adding a chief information security officer (CISO) to take charge of passing on updates and reminders from IT to the rest of the organization will enhance security awareness and keep everyone abreast of developing security threats.

  • Proactive patch management: Prompt patching — repairing a vulnerability or flaw in software before cybercriminals can exploit it — is vital for cybersecurity. Patch management can be automated for scheduled scans to ensure that all computers remain up to date to mitigate security risks.

  • Company culture: One more takeaway from the Special Counsel survey: Companies should adopt a security-minded company culture by equipping all employees with the tools and knowledge necessary to protect themselves and their organization from potential cybersecurity threats.

  • Secure, remote collaboration: Legal teams should conduct any collaboration — whether that’s working on redactions, sharing documents, or communicating with colleagues — via a secured ediscovery platform. The more digital and unsecured channels a legal professional uses to conduct their work, the more prone they are to attacks from opportunistic hackers.

To find out more about how to practice the law securely in this new era of remote-based work, check out our white paper, “Cybersecurity in the World of Ediscovery: Tips and Considerations For Legal Organizations.”