The Legal Executive Assistant’s Guide to Technology and Cybersecurity

• Data Breaches: Up to 42% of law firms with 100 or more employees have experienced a data breach. 2025 is shaping up to be a record year for these types of incidents, with at least 21 law firms reporting breaches to state attorneys general.
• Class Action Lawsuits: Class action lawsuits for data breaches are on the rise, with more than 40 cases filed monthly in 2024, compared to an average of 33 in 2023.
• High Costs: The average cost of a data breach reaches $4.88 million, and for professional services firms (including law firms), the average cost is even higher: $5.08 million.
• Phishing: Although a specific statistic is not provided in the original text for the legal sector, phishing is universally recognized as one of the main causes of data breaches. It is crucial to mention this threat due to its prevalence and the role that legal assistants play in its prevention.
• Ransomware: This threat continues to rise. Ransomware is projected to cost victims more than $265 billion annually by 2031. Ransomware-as-a-Service (RaaS) facilitates these attacks, increasing the risk.
• Supply Chain Vulnerabilities and Insider Threats: These threats complete the current landscape, increasing the attack surface.

Taken together, these figures and trends demonstrate that law firms face an extremely challenging cybersecurity threat environment in 2025, where prevention and rapid response are crucial.

Legal executive assistants are a critical first line of defense in protecting a law firm's confidential information. Their role extends beyond administrative tasks to encompass proactive participation in building a security-conscious culture.

Key responsibilities include data protection, and rigorously implementing procedures for handling sensitive information in compliance with internal policies and regulations like GDPR, HIPAA, and CCPA. 

They also manage access control, ensuring only authorized personnel access sensitive data through strong password management, multi-factor authentication, and regular permission reviews.

Awareness and education are paramount. 

Assistants must stay informed about the latest threats and best practices, and actively educate colleagues. 

They are crucial in incident response, coordinating communication, and assisting in recovery. 

They also play a role in technology management, recommending and utilizing security tools. 

Crucially, they provide vital support to the chief legal officer in their expanding cybersecurity responsibilities.

Insider threats, a significant risk for law firms, come from individuals with legitimate access: employees, former employees, or contractors. These threats can be intentional, such as data theft or sabotage, or unintentional, resulting from errors or negligence.

In the legal environment, insider threats manifest in various ways. 

Data leakage occurs when confidential information is shared with unauthorized individuals, either maliciously or carelessly. Theft of intellectual property, such as legal strategies or client lists, is another threat, especially from outgoing employees. 

Sabotage, although less common, can cause significant damage. 

Finally, negligence, such as falling for a phishing attack or losing a device, is a frequent cause of security incidents.

Legal executive assistants, because of their position and access to sensitive information, are key in mitigating these threats. They must apply the principle of "least privilege," ensuring that access to information is limited to what is strictly necessary. 

This involves careful management of user accounts and permissions.

Vigilance is essential. Assistants should be alert to unusual behavior, such as access to unrelated files or massive data downloads. They should also reinforce security policies and best practices, organizing training and fostering a security culture.

Document protection, through encryption, retention policies, and secure destruction, is another crucial responsibility. Finally, upon any suspicion of an insider threat, assistants must report it immediately, following the firm's protocols.

Effective prevention of insider threats requires a combination of technical controls, clear policies, and a strong security culture, where every employee understands their responsibility in protecting information. 

The role of the legal executive assistant is fundamental in this effort.

The legal sector is subject to a set of cybersecurity regulations that impose specific obligations regarding data protection and privacy. 

Legal executive assistants, as custodians of confidential information, must have a working knowledge of these regulations to ensure compliance and avoid penalties. 

This is not only a legal requirement, but also a matter of professional ethics and protecting the firm's reputation.

• General Data Protection Regulation (GDPR): Although it is a European regulation, the GDPR has an extraterritorial scope. It applies to any organization, including law firms, that processes personal data of European Union residents, regardless of where the organization is located. The GDPR requires robust data protection measures, such as encryption, pseudonymization, and data minimization. It also grants individuals significant rights over their data, including the right of access, rectification, and deletion. Failure to comply with the GDPR can result in significant fines, up to €20 million or 4% of the organization's global annual turnover, whichever is higher.
• Health Insurance Portability and Accountability Act (HIPAA): This U.S. law establishes standards for the protection of protected health information (PHI). Law firms that handle client medical information, for example, in personal injury or medical malpractice cases, must comply with HIPAA's administrative, physical, and technical security requirements. This includes implementing security policies and procedures, training employees, and reporting data breaches.
• California Consumer Privacy Act (CCPA): The CCPA grants California consumers rights over their personal information. Law firms that handle data of California residents must inform consumers about what information is collected, allow them to request deletion of their data, and give them the option to opt out of the sale of their personal information. The CCPA has been amended by the California Privacy Rights Act (CPRA).
• New York SHIELD Act: This law requires companies to protect the private information of New York residents. The SHIELD Act expands the definition of "private information" to include biometric data and email usernames and passwords. It also requires companies to implement a data security program that includes risk assessments, employee training, and technical and physical safeguards.

In addition to these specific regulations, legal professionals must understand the concept of "reasonable duty" in the context of cybersecurity. This legal concept, although broadly interpreted, is critical in potential lawsuits related to security incidents. 

It implies that organizations must take reasonable steps to protect confidential information. 

Failure to meet this duty can lead to claims of negligence, breach of contract, or breach of fiduciary duty. Knowledge and compliance with these regulations, and understanding of the "reasonable duty", are not only a legal obligation, but an essential component of risk management and reputation protection for any law firm. 

Legal executive assistants, by being familiar with these requirements, contribute significantly to the security and success of their organization.

Legal executive assistants can leverage a variety of technology tools to strengthen their firms' cybersecurity and protect confidential information.

These tools are not just for the IT department; assistants can and should be familiar with them and, in many cases, use them directly.

• Firewalls: Act as a barrier between the firm's network and the outside world, blocking unauthorized access. Legal executive assistants do not typically configure firewalls directly, but they should understand their function and ensure they are enabled and up-to-date. Common examples include Cisco ASA and Palo Alto Networks.
• Antimalware and Antivirus software: These tools detect and remove malicious software (viruses, worms, trojans, ransomware). Legal executive assistants must ensure that this software is installed on all devices, including laptops and company-provided mobile phones, and that is regularly updated. Examples include Malwarebytes, McAfee, and Norton.
• Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring users to provide two or more forms of identity verification (e.g., a password and a code sent to their mobile phone). Legal executive assistants should use MFA whenever possible, especially for accessing email accounts, document management systems, and other applications that contain confidential information. Examples include Google Authenticator, Authy, and Microsoft Authenticator.
• Encryption Tools: Encryption protects confidential information, both in transit (when sent by email or transferred over the Internet) and at rest (when stored on a hard drive or in the cloud). Legal executive assistants should use encryption tools to protect sensitive files and emails. Common examples include BitLocker (for encrypting hard drives) and VeraCrypt (for creating encrypted containers).
• Password Managers: These tools securely store and manage passwords for various accounts, helping users create and use strong, unique passwords. Legal executive assistants should use a password manager to avoid password reuse and reduce the risk of accounts being compromised. Examples include LastPass, 1Password, and Dashlane.
• Virtual Private Networks (VPNs): VPNs create a secure connection to the Internet, protecting data when using public Wi-Fi or working remotely. Legal executive assistants should use a VPN whenever accessing confidential information outside the office. Examples include NordLayer, ExpressVPN, and CyberGhost.
• Cloud Security Solutions: If the firm uses cloud services (such as file storage or case management software), it is critical to use cloud security solutions to protect data stored in the cloud. These solutions may include access controls, data encryption, and activity monitoring. Examples include AWS Security Hub, Azure Security Center, and Google Cloud Security Command Center.
• Intrusion Detection and Prevention Systems: Assistants will not configure these systems, but it is imperative that they know what they are for.

Effective use of these tools, combined with strong security practices (such as verifying emails and being cautious with links and attachments), can significantly reduce the risk of a successful cyberattack.

Managed IT services, like those from LayerLogix, provide a crucial protection layer. 

An MSP like LayerLogix acts as an extension of the firm's team, offering expertise.

LayerLogix provides 24/7 proactive monitoring, detecting and addressing suspicious activity immediately.

We manage patches and updates, eliminating a common vulnerability… As well as we implement advanced antimalware and antivirus solutions.

Last but not least, more specifically related to today’s guide, we also offer compliance support (HIPAA, GDPR, CCPA) and secure structured cabling. 

Contact us today to start a strategic cybersecurity partner, allowing your firm to focus on legal practice.