50% of law firms cited phishing as the top cybersecurity concern, a new category this year, surpassing ransomware and user behavior.

External assessments and tabletop exercises are now tied with client requirements in the legal industry as the top drivers of security investment, both at 53%

Just 27% of law firms rank backups as a top-three security control.

Only 18% of law firms apply Multi-Factor Authentication (MFA) to production storage.

Only 38% of law firms consider themselves "very secure," which is down from 50% in 2023.

37% of law firms apply MFA to backup storage.

The percentage of law firms that acknowledge known security gaps increased from 14% to 23%.

Half of law firms have at least one backup system capable of immutability.