Securing the Law Firm Summit

From cybersecurity to real, risk-based exposure management: the true power of resilience

20th January 2026 • Park Plaza Victoria, London, UK

Individual assets and vulnerabilities are the wrong focus. So how do you link technical security with business necessities?


Critical questions for legal firms – and their security teams

If you run any organisation, large or small, today, the best way to test your cybersecurity function is simply to ask, “are we 100% secure against a ransomware attack crippling the business?”. The answer will, in almost all cases, be “no”, and that is where all real conversations about cybersecurity should start.

In that discussion, ransomware is simply a placeholder for any type of attack that can disable critical business processes to the extent that the enterprise is materially affected. And to answer the question, the enterprise has to do a lot more than give the task to the CISO and rely on a security stack that focuses on specific threats without reference to enterprise risk.

Risk prioritisation requires a complete understanding of the minimum viable business, the processes and assets (end-to-end) which that business would need to run, and then an analysis of the IT systems and vulnerabilities implicated.

That requires the business, the CRO, IT and operational risk staff, the business continuity team, the cybersecurity team and senior management all to co-operate actively to put together a true picture of what the firm really is – in terms of the businesses, people and processes that cannot be lost. In all likelihood, this analysis has never been done before, and the pace of technical change probably means that figuring out the technology aspects will never have been done either. Does anyone know every single element in a particular business process? If not, then no security team will be able to secure it.

So, is anyone really doing this outside those forced to by regulation? If not, do they understand the risk they are taking? How do they think about cybersecurity risk and how do they prioritise resources to mitigate it?

The ransomware question prompts dozens of others, and not just around resilience.

  • Are you securing your firm — or just your IT department?
  • If your firm had to publish its cyber hygiene metrics alongside its financials, what would clients think?
  • Would your partners rather pay off attackers in silence than admit a breach to clients? Have they?
  • How many nation-states already have a copy of your clients’ privileged information?
  • Does your CISO have the authority to say “no” to a managing partner — and survive the day?
  • When a breach comes, will clients sue your attackers — or sue you?
  • If regulators demanded impact tolerances for law firms tomorrow, would you know what they meant, and could you produce them?
  • Which is the greater insider threat: your employees, or your contractors?
  • Why do firms with the world’s highest hourly billing rates still plead poverty on cybersecurity spend?

All of this boils down to moving away from vulnerability management, or securing the network, or securing the cloud, or securing applications. Dividing the enterprise up by its technologies is how a technologist would secure it. But as they themselves admit, technologists (and CISOs) struggle to articulate the business case for security spend.

They blame management’s lack of understanding of complex IT and the uncertainties of security. But managements are used to complexity and uncertainty – that’s literally the business. So, the real problem is security teams not talking about risk, about material exposures in terms of the business. Only by focusing on critical business processes and true resilience can security free itself from the impossible task of security as it is currently managed.


The Securing the Law Firm Summit will look at the latest thinking around legal cybersecurity. As well as presentations from some of the world’s largest firms, we will also be asking how small and medium-sized organisations can keep up with cybersecurity best practice in the sector.

  • Achieving visibility across ecosystems

    • From exposed initial access points such as warehouse management systems to complex machine control software, simply understanding your device and application landscape, its connections, data flows and dependencies is a huge challenge.
    • Can you help with asset tracking and endpoint visibility?
    • And what about anomaly detection after that?
  • Making the best use of threat intelligence

    • In a pre-emptive security model, timing is everything — success depends on detecting and neutralizing threats before they become active incidents.
    • To do this, security operations can't just rely on internal telemetry (e.g., endpoint or network logs).
    • They need external, real-time context about emerging threats — where do they get it?
  • Security Posture Management

    • Traditional vulnerability scanners don’t handle cloud native architectures well.
    • Today’s cloud environments spin up thousands of ephemeral assets without a traditional OS, and often without holding an IP address for long.
    • So how do you adapt to that dynamic, API-driven reality? How can traditional tools connect the dots – not just generate tickets?
  • Adversary simulation and behavioural analysis

    • Automated adversary simulation identifies telemetry blind spots.
    • These tools provide prioritised remediation guidance and control effectiveness metrics. They track progress trends and validate security ROI, as well as providing board and audit reporting.
    • How well do they work in practice?
  • Improving continuous attack surface discovery

    • You need to know what attackers can see and what they can actually attack – and you need it on a continuous basis, not in some static inventory.
    • Ideally you also need assets ranked by risk priority and put into the current threat and vulnerability context.
    • Is this feasible and is it cost effective?
  • The power of automation

    • There’s too much manual intervention in security. SOAR pulls data from SIEMs, EDRs, firewalls, cloud APIs, ticketing systems, threat intelligence feeds, and even email servers.
    • It also coordinates actions across tools via APIs and prebuilt integrations and intelligent playbooks.
    • Well, that’s the theory. How does it work in the real world?
  • Dealing with regulations

    • CISOs now must build a single coherent security program that simultaneously satisfies divergent regulatory demands.
    • They must interpret vague legal standards into technical architectures, and they risk non-compliance if auditors, regulators, or courts interpret those differently later.
    • They face unrealistic expectations around incident reporting and they face personal liability. Can RegTech help?
  • Defending against the latest ransomware variants

    • Ransomware is effective precisely because it can exploit whatever weaknesses exist in your security architecture and processes.
    • The threat and the actors are constantly evolving, and that evolution is forcing the hand of governments and causing havoc in the insurance market.
    • What can CISOs do to better defend against ransomware?
  • Transitioning OT to the Cloud?

    • OT traditionally was localized in particular sites and air-gapped from IT systems.
    • But connectivity with broader corporate networks and the need to manage technology more centrally (especially during COVID) has seen companies looking at managed services in the Cloud for OT.
    • Is this a way forward?
  • Pen testing for OT / SCADA

    • Testing is key to identifying and fixing vulnerabilities before they're exploited.
    • Regulations like NERC CIP require utilities to assess and mitigate risk.
    • Testing checks that OT security controls are functioning properly and shows regulators an organisation's commitment to security. Can you help?
  • OT and the regulations

    • DORA, NIS2 and other regulations put more responsibility for resilience on firms deemed important or critical.
    • Many have focused on IT networks, but the regulations cover all aspects of resilience, and so OT environments matter.
    • What does this new emphasis from regulators mean practically for OT security?
  • Why zero trust, isolation and segmentation are key

    • There has been a shift in recent attacks away from the theft of data – now threat actors are concerned with interrupting all operational activity.
    • It is now critical that business functions are separated, and that internet access to OT networks is limited.
    • Can security teams keep up with sophisticated foes?

Who attends

Job titles

Security Architect
Information Security Senior Analyst
Head of Solutions Delivery
Head of Information Security
Operations Manager, Cyber
Global Information Governance Manager
IT Security Manager
Cyber Security Analyst
Cyber Security Technologist
IT Manager
Info Sec Governance Risk & Compliance Manager
Head of Information Technology
Senior Information Security Analyst
Head of IT Operations
Head of Cyber Security
Chief Information Security Officer
IT Operations and Security Manager
Security Operations Engineer
Head of IT & Operations
Head of IT
CISO
Director of IT
Head of GRC
Cyber GRC Manager
Head of Cyber Security
Security Analyst
Information Security Analyst
IT Risk and Disaster Recovery Manager
Lead Enterprise Architect
Information Security Manager
Information Security Governance Manager
Head of Technology and Security
Head of IT
Lead Cybersecurity Engineer
Information Security Analyst
Head of Information Technology
Security Operations Manager
Cyber Security Manager
Information Security Manager
Senior Business Continuity & Resilience Specialist
Lead End User solutions engineer
Security Architect
Head of Information Security
Chief Information Security Officer
Information Security Officer
IT Manager
Information Security Analyst
Information Security Officer
Information Security Manager
IT Admin and Compliance Officer
Information Security Manager
Director of IT
Senior Manager Business Assurance
Information Security Architect
Head of IT and Information Security Officer
IT Manager
Head of Information Security
Director of IT
IT Director
Director of Information Security
Head of IT
Customer Support Analyst
Information Governance
IT Director
Cyber Security Specialist
Head of IT
Information Security Analyst
Head of IT Infrastructure and Architecture
Chief Information Officer
IT Manager
Director of Risk and Compliance
Cyber Security Analyst
IT and Cyber Security Administrator
Global Info Sec GRC Manager
Head of Information Security
Information Security Manager
Cyber Consulting Director
Director, Risk & Compliance
Cyber Security Manager
Compliance Consultant
Information Security Officer
Cyber Security Engineer
Senior Manager, Platforms and Infrastructure Design
Chief Information Officer
Information Security Officer
Information Security Manager
Unified Communications and Collaboration Services
CTO
Head of Information Security
Data Privacy and Regulatory Compliance Lawyer
Information Security Operations Analyst
Information Assurance Officer
Senior IT Manager
Information Security Manager
Information Security Specialist
SecOps Manager
Risk, Culture and Engagement Lead Specialist
Associate Director - Information Security
Applications Support Specialist
CISO - Corporate Functions
Lead End User Computing Solutions Engineer
IT Manager

Organisations

Walkers Global
Shakespeare Martineau
Gateley Plc
Slaughter and May
Clyde & Co LLP
HFW
The Law Society
HFW
Macfarlanes LLP
Gill Jennings & Every LLP
Shakespeare Martineau
King & Wood Mallesons (KWM)
Horwich Farrelly
Addleshaw Goddard LLP
HFW
Withersworldwide LLP
EIP Europe LLP
Travers Smith LLP
Cains
Beale & Co
Walkers Global
CMS
Dentons UKMEA LLP
Mishcon de Reya LLP
DLA Piper LLP
Taylor Wessing LLP
Travers Smith LLP
Norton Rose Fulbright LLP
Shakespeare Martineau
Wedlake Bell LLP
RPC LLP
Howard Kennedy LLP
RPC LLP
Mishcon de Reya LLP
Forsters LLP
Lightfoots LLP
Shakespeare Martineau
Foot Anstey LLP
Burges Salmon LLP
Clifford Chance LLP
Clifford Chance LLP
Ashurst LLP
Freeths LLP
Clyde & Co LLP
Ashurst LLP
Colman Coyle LLP
Joseph Hage Aaronson
Taylor Wessing LLP
Gateley Plc
Birketts LLP
Ward Hadaway
IBB Law
Brodies LLP
Clifford Chance LLP
Bates Wells LLP
Martin Tolhurst Solicitors
Addleshaw Goddard LLP
Bevan Brittan LLP
Stewarts Law LLP
Morae Global
Wiggin LLP
Birkett Long LLP
Penningtons Manches Cooper LLP
Boult Wade Tennant
Government Legal Department
Russell-Cooke LLP
Shakespeare Martineau
Blake Morgan LLP
Horwich Farrelly
Cadwalader Wickersham & Taft LLP
Dechert LLP
Addleshaw Goddard LLP
Martin Tolhurst Solicitors
Allen & Overy LLP
Mishcon de Reya LLP
Macfarlanes LLP
Mishcon de Reya LLP
Wedlake Bell LLP
RPC LLP
Coole Bevis LLP
Shepherd and Wedderburn
HFW
Hogan Lovells International LLP
Buckles Solicitors LLP
Gowling WLG
Ashurst LLP
Clifford Chance LLP
Hogan Lovells International LLP
Bird & Bird LLP
Dechert LLP
Shakespeare Martineau
Trowers & Hamlins
The Honourable Society of Lincoln's Inn
HFW
Travers Smith LLP
Farrer & Co LLP
DLA Piper LLP
Morae Global
Orrick Herrington & Sutcliffe LLP
Credit Suisse
Clifford Chance LLP
4 New Square

Industries

Legal
Banking
Barristers Chambers


Venue

Park Plaza Victoria, London


Location:
Park Plaza Victoria
239 Vauxhall Bridge Road, London, UK, SW1V 1EQ
Telephone: 0333 400 6140
