Most law firms practice law. Only a handful operate as global companies, and even fewer invest significantly in cybersecurity annually. In other words, law firms, unlike many other companies today, often do not have robust cybersecurity controls, protocols and systems in place. While law firms over the past several years have started focusing on improving their cybersecurity controls, strategies and tools to protect client data better, there is still much progress to be made.