This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.

Incidents over the last few years leave little doubt that hackers are increasingly targeting law firms. The data breach of law firm Mossack Fonesca, known as the Panama Papers, last April was the largest known and highest profile. The thieves took 2.6 terabytes of data, including 2.2 million PDFs, 3 million database files and 4.8 million emails.

Yet, many law firms don't use even basic encryption. In the ABA's 2016 Legal Technology Survey, only 38% of respondents reported using file encryption, only 26% use email encryption for confidential or privileged communications and documents sent to their clients, and only 15% use drive encryption.