A Case for Harmonizing Artificial Intelligence and Cybersecurity in the Legal Profession

Picture of Earl Duby

Earl Duby

CISO | Trusted Advisor | Board Member | Change Agent | FBI CISO Academy
Schedule a free confidential 30-minute consultation

Navigating the Intersection of AI and Legal Practice

January is a wonderful time of the year to reflect on the past year and think about where the new year may take us.  It’s also a great time to wade through the many 2023 Year in Review reports as well as the 2024 Prediction reports.  While there are countless examples of these reports in general, there are also a handful of interesting reports that address the legal profession specifically.  Most of these reports, whether wrapping up 2023 or projecting into 2024, discuss the rapid technological changes happening within the law firms of all sizes and how an industry that has historically been a slow-mover on change is going to have to speed up and adapt.

Chief Justice’s Perspective on AI in the Legal Realm

In his annual update, John Roberts, the Chief Justice of the United States Supreme Court, calls out his profession and addresses the tsunami that is Artificial Intelligence.  In Roberts’ 2023 Year-End Report on the Federal Judiciary, he points out the relative newness of technology on the desks of lawyers (just 35 years since the Federal Judiciary ensured that all judge’s chambers had a personal computer and all law clerks had at least one PC per judge to share).

From that humble beginning just 35 years ago, the highest courts across this country are grappling with the question of AI and how it will impact the practice of law and more introspectively, how it will impact the number of judges and lawyers.  Roberts hits that question head on: “As 2023 draws to a close with breathless predictions about the future of Artificial Intelligence, some may wonder whether judges are about to become obsolete. I am sure we are not—but equally confident that technological changes will continue to transform our work.”

The fact that the top judge in the United States is pondering the future of the judiciary based on the explosion of AI should cause pause within the profession as a whole.  Could tools such as ChatGPT or other large language model (LLM) tools lead to declines in the need for human lawyers and judges?  Currently, the answer seems to be “no” according to Roberts.

Challenges and Concerns Surrounding AI Integration

In fact, there is a high level of concern that current uses of AI are compromising confidentiality provisions and rendering judgements that are at odds with human empathy and judgment.  As Roberts notes in his yearend address, “Nuance matters: Much can turn on a shaking hand, a quivering voice, a change of inflection, a bead of sweat, a moment’s hesitation, a fleeting break in eye contact. And most people still trust humans more than machines to perceive and draw the right inferences from these clues.”

But is the general population of lawyers and law firm management thinking about this transformation that is happening in the industry?  Based on a recent survey by U.S. Legal Support, a litigation support company, that was released on January 2, the answer seems to be that some firms are getting it.  According to the survey that included responses from 1,693 respondents from August – September 2023, 46% agree that AI tools will become ubiquitous in the legal profession in the next 3-5 years.  That’s encouraging considering that only 21% of law firms confirmed that they used AI in 2023.

The top uses for AI technology, according to the survey, were:

  1. Legal Research
  2. Predictive Analysis
  3. Document Management and Automation
  4. Automation of Routine Tasks
  5. Litigation Analysis

Legal Tech Priorities for 2024

In an interesting twist, the same survey noted that of the top 5 Legal Technology Priorities for 2024, having a “Robust cybersecurity posture” came in fifth with just 25% of respondents selecting that as a top priority for the coming year.  With the technological revolution that is coming due to the prevalence of AI and AI-driven toolsets, protecting client data is going to become more critical than ever.  Not only are law firms ramping up their use of AI tools, so are the adversaries that are targeting client data.

Luckily, 71% of respondents noted that data privacy is a critical consideration when making technical buying decisions.  Now they need to make the connection that privacy and security are two sides of the same coin.  Ensuring privacy is nearly impossible without making proper security investments.

So, while the nation’s top judge ponders the future of the judiciary and the impact that Artificial Intelligence will play in shaping that future, the nation’s legal teams are also slowly waking up to need to make strategic plans around adopting and ultimately defending AI-driven data management tools.  And as this transformation grinds along, the risks continue to grow.  According the American Bar Association 2023 Cybersecurity TechReport, which was released in December 2023, the number of law firms reporting a security breach increased from 27% in 2022 to 29% last year.

Preparing for an AI-Impacted Legal Landscape

Law firms must make the connection between data management, AI-driven process improvement, and a resultant investment in risk management (including privacy and cybersecurity).  Without harmonizing these three areas, firms risk collecting and processing large volumes of highly sensitive data without properly securing or protecting their clients.

As Roberts says, “I predict that human judges will be around for a while. But with equal confidence I predict that judicial work—particularly at the trial level—will be significantly affected by AI.”  It can also be confidently said that AI will impact ALL legal work, and the entire profession needs to prepare and understand the risk, and how to mitigate those risks.

Learn how Auxiom can help

Author

  • 1517689790359

    Earl Duby is a proven cyber security leader with over 25 years of experience leading security teams in multiple industries, ranging from large financial services companies to Fortune 150 manufacturers. Recently, Earl spent 6½ years as the Chief Information Security Officer (CISO) for Lear Corporation in Southfield, Michigan. Before that, he was Vice President of Security Architecture for Synchrony Financial as it spun off from General Electric. Earl has held several other security leadership roles and has earned Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Fraud Examiner (CFE), Certificate of Cloud Security Knowledge (CCSK), SABSA Certified Foundation and Certified Information Systems Auditor (CISA) certifications.

Related Posts