The Rising Tide of Cybersecurity: Why Legal Compliance Isn't Optional Anymore

The Rising Tide of Cybersecurity: Why Legal Compliance Isn’t Optional Anymore

“We’ve never had as many cyber attacks as now, and as our lives move to the digital sphere, cybersecurity risks get amplified,” warns Professor Andrej Savin of Copenhagen Business School during a recent Platforum9 session. His insights reveal how cybersecurity has evolved from a technical issue to a fundamental business and legal concern.

Beyond the Hacker Stereotype

The reality of cyber threats defies common perceptions. “People have this image of Russian or Chinese hackers, but it isn’t like that at all,” Savin explains. “It can be something as banal as your servers in the basement getting flooded and you don’t have a backup copy, or picking up a corrupted USB key found in the parking lot.”

The EU’s Legislative Response

Europe has taken the lead in cybersecurity regulation, introducing a wave of new legislation:

NIS2 Directive for essential cybersecurity
DORA regulation for financial cybersecurity
Cyber Resilience Act for digital products

These laws affect approximately 150,000 companies directly, but their impact extends far beyond through supply chain requirements.

The Risk-Based Challenge

What makes these regulations particularly challenging is their approach to compliance. “EU digital regulation insists on risk-based compliance,” Savin notes. “You basically push the task of assessing risk from the legislator to the companies.” This represents a fundamental shift from traditional checkbox compliance to ongoing risk assessment and management.

The Insurance Dilemma

While insurance might seem like an obvious solution, Savin explains why it’s problematic: “The whole insurance business lives on this delta between what we know you charge and the risk that something will happen – and nobody knows, nobody can assess this risk properly.”

The Management Imperative

Perhaps most significantly, these regulations place direct responsibility on senior management. “These laws demand active involvement on the management side,” Savin emphasises. “This is not something that you can push to legal.” The stakes are high, with potential fines, management liability, and reputational damage all on the line.

For law firms and their clients, the message is clear: cybersecurity compliance isn’t just another regulatory burden – it’s a fundamental business necessity. As Savin concludes, “Good cybersecurity compliance is also good value… but companies often realise it once the damage is done, once they get hacked, once they get data stolen. And then, of course, it’s often too late.”

Redefining the Lawyer’s Professional Identity

Legal Tech Literacy for Law Firms: Building Foundations for the Future

Coaching in Legal

AI Integration for In-House Legal Teams

Non-Lawyers in Arbitration

Redefining the Lawyer’s Professional Identity

Legal Tech Literacy for Law Firms: Building Foundations for the Future

Coaching in Legal

AI Integration for In-House Legal Teams

Non-Lawyers in Arbitration

Bridging the Gap Between Academia and Practice in the Age of AI

Breaking the Taboo Around Money In Legal

Smart Tech for Smart Holidays

From Big Law to Building My Law

How to Make the Right Legal Tech Choices?

Beyond the Hype: AI Agents in Legal Practice

Sanctions and Arbitration: Navigating the New Reality

AI Literacy for Law Firms: What Legal Practitioners Need to Know

Southeast Europe M&A: Investment Opportunities in a Dynamic Region

Trust Me, I’m a Coach: The Opportunity for Coaching in Legal Practice

Lawyer Wellbeing When Handling Legal Tech Implementation

English Arbitration Act 2025 Reforms: Modernising London’s Arbitration Framework

Latest in Legal Tech Innovation: The U.S. Perspective

Collaborating to Build Effective Legal Tech:

The Italian Legal Connection: An Evolving Market Overview

Commercial Skills: The Missing Piece in Legal Education

The European AI Act: Understanding Compliance in a Risk-Based Regulatory Framework

Business Development Support: A Catalyst for Legal Career Progression

International Arbitration Forum: Major Trends Revealed

Navigating Your Career in Big Law: Insights from Perkins Coie’s Ian Bagshaw and Natalie Thomas

Essential Legal Tech Skills for Today’s Lawyers

What Law Firms Are Really Looking For When Recruiting Trainees: Insights from Julian Yarr

Embracing AI in Legal Recruitment: How Candidates Can Leverage Technology for Success

Building Your LinkedIn Professional Presence

Navigating the SQE: Expert Insights on Preparation for Aspiring Solicitors

Interview Prep Techniques

Securing Your Training Contract in the UK & Ireland

Mastering Your Elevator Pitch: Tips & Tricks for Law Students and Early Career Lawyers

Reskilling for the Future: New Skills for Lawyers to Succeed

Building an Effective AI Strategy for Legal Teams: Insights from Jonathan Williams

Building a Lean Legal Enterprise

How Legal Operations Can Elevate Law Firm Performance: Insights from Vadym Kuzmenko

Selecting and Implementing Legal AI: Lessons from Bird & Bird

Developing an Effective CRM Strategy for Modern Law Firms

Legal News & Views | Law Firm Consolidation and Trade Tensions: Reshaping the Global Legal Landscape

How Delegation Can Accelerate Your Legal Career

The Spiritual Dimension of Peak Performance for Lawyers

Human Capital Trends 2025: Navigating the Future of Talent in the Legal Industry