There’s a fine line between being pessimistic and being pragmatic. But when it comes to law firm cybersecurity, its hard find any daylight between the two. For many lawyers, having to deal with a cyber incident is often a matter “when, not if.” But that doesn’t mean they’re giving up protecting their data and IT assets. In fact, such a seemingly defeatist attitude is actually an asset when it comes to cybersecurity.

“I think as unhealthy as it is, it is the most healthy way to approach this issue because the bad guys aren’t going to stop,” says Kermit Wallace, chief information officer at Day Pitney. He explains that assuming a cyber incident is inevitable means one is “going to do things to prevent the breach but also to prepare for what would happen if the breach actually occurs.”

Kermit Wallace, Chief Information Officer with Day Pitney.