Analysis of the Impact of Digital Transformation of the Legal Field on Data Cybersecurity
DOI:
https://doi.org/10.26512/lstr.v17i2.56766Keywords:
Cloud Computing. Blockchain. Privacy. Artificial Intelligence. Legal Regulation.Abstract
[Purpose] To develop effective cybersecurity strategies in the context of digital transformation of the legal field.
[Methodology/approach/design] The research methodology includes a comprehensive analysis of technological, organisational, and regulatory aspects of the problem.
[Findings] The article examines international legal cybersecurity regulation and recommends approaches to adapt best practices. The human component in law firm cybersecurity is examined, and recommendations for boosting staff digital literacy are made. Quantum cryptography's legal data protection potential and successful cyber-attacks on DLA are analysed. Piper, Cravath, Swaine & Moore, Jones Day. The introduction of cloud technologies in legal firms significantly increases the risk of unlawful access to confidential information. An examination of 2020–2023 cyberattacks on legal entities found a growing trend of automating hostile acts with AI. The vulnerability evaluation identifies crucial data protection issues in legal services digitisation. A model of an adaptive cyber security system that considers law firm business process transformation offers a significant reduction in attack likelihood. Rewriting the legislative framework for personal data protection in the context of digitalisation, including regulating blockchain technology in legal practice, is justified. The integration of digital platforms into legal activity introduces new cyber dangers that demand novel security. Examine the impact of lawyers' remote work on corporate network security and offer ways to reduce hazards.
[Practical implications] The results of the study form the basis for the development of effective cybersecurity strategies in the legal field and the improvement of relevant legislation, which is critical for ensuring the confidentiality and integrity of legal information in the digital age.
References
ALOUFFI, B., HASNAIN, M., ALHARBI, A., ALOSAIMI, W., ALYAMI, H., & AYAZ, M. (2021). A systematic literature review on cloud computing security: Threats and mitigation strategies. IEEE Access, 9, 57792-57807. doi: https://doi.org/10.1109/access.2021.3073203
AVIV, I., GAFNI, R., SHERMAN, S., AVIV, B., STERKIN, A., & BEGA, E. (2023). Cloud Infrastructure from Python Code – breaking the Barriers of Cloud Deployment. In: M. Wiese (Eds.), 17th European Conference on Software Architecture, ECSA 2023. Istanbul: Turkey; https://conf.researchr.org/details/ecsa-2023/ecsa-2023-journal-first/2/Cloud-Infrastructure-from-Python-Code-breaking-the-Barriers-of-Cloud-Deployment
BABIKIAN, J. (2023a). Securing rights: Legal frameworks for privacy and data protection in the digital era. Law Research Journal, 1(2), 91-101.
BABIKIAN, J. (2023b). Navigating legal frontiers: Exploring emerging issues in cyber law. Revista Espanola de Documentacion Cientifica, 17(2), 95-109. doi: http://dx.doi.org/10.13140/RG.2.2.20264.55048
BOCHELIUK, V.I., NECHYPORENKO, V.V., DERGACH, M.A., POZDNIAKOVA-KYRBIATIEVA, E.G., & PANOV, N.S. (2019). Management of professional readaptation in terms of the modern Ukrainian society. Astra Salvensis, 1, 539-552. https://repository.khnnra.edu.ua/scientific-texts/management-of-professional-readaptation-in-terms-of-the-modern-ukrainian-society/
CICHONSKI, P., MILLAR, T., GRANCE, T., & SCARFONE, K. (2012). Computer security incident handling guide: Recommendations of the national institute of standards and technology. doi: http://dx.doi.org/10.6028/NIST.SP.800-61r2
CODAGNONE, C., & WEIGL, L. (2023). Leading the charge on digital regulation: The more, the better, or policy bubble? Digital Society, 2, 4. doi: https://doi.org/10.1007/s44206-023-00033-7
Convention on Cybercrime. (2001). Retrieved from: https://rm.coe.int/1680081561.
ČUPKA, O., FEDERLOVA, E., & VESELY, P. (2023). Comparison of methodologies used in cybersecurity reports. In: N. Kryvinska, M. Greguš, S. Fedushko (Eds.), Developments in Information and Knowledge Management Systems for Business Applications (pp. 313-348). Cham: Springer. doi: https://doi.org/10.1007/978-3-031-25695-0_15
DEMCHENKO, M.V., GULIEVA, M.E., LARINA, T.V., & SIMAEVA, E.P. (2021). Digital transformation of legal education: Problems, risks and prospects. European Journal of Contemporary Education, 10(2), 297-307. doi: https://doi.org/10.13187/ejced.2021.2.297
Directive (EU) 2016/1148 of the European Parliament and of the Council of concerning measures for a high common level of security of network and information systems across the Union. (2016). Retrieved from: https://eur-lex.europa.eu/eli/dir/2016/1148/oj
Directive (EU) 2018/1972 of the European Parliament and of the Council of establishing the European Electronic Communications Code. (2018). Retrieved from: https://eur-lex.europa.eu/eli/dir/2018/1972/oj
DISTERER, G., & KLEINER, C. (2013). BYOD bring your own device. Procedia Technology, 9, 43-53. doi: https://doi.org/10.1016/j.protcy.2013.12.005
DLA Piper ransomware hack: What can we learn from it? (2024). Retrieved from: https://www.titanfile.com/blog/dla-piper-ransomware-hack-can-learn/
FORRADELLAS, R.F.R., & GALLASTEGUI, L.M.G. (2021). Digital transformation and artificial intelligence applied to business: Legal regulations, economic impact and perspective. Laws, 10(3), 70. doi: https://doi.org/10.3390/laws10030070
FREUND, J., & JONES, J. (2015). Measuring and managing information risk: A FAIR approach. Portsmouth: Butterworth-Heinemann. doi: https://doi.org/10.1016/C2013-0-09966-5
GAFNI, R., AVIV, I., & HAIM, D. (2024). Multi-Party Secured Collaboration Architecture from Cloud to Edge. Journal of Computer Information Systems, 64(5), 698-709. doi: https://doi.org/10.1080/08874417.2023.2248921
GAIE, C., & KARPIUK, M. (2024). The provision of e-services by public administration bodies and their cybersecurity. In: C. Gaie, M. Mehta (Eds.), Transforming Public Services – Сombining Data and Algorithms to Fulfil Citizen’s Expectations (pp. 175-188). Cham: Springer. doi: https://doi.org/10.1007/978-3-031-55575-6_7
GAO, X. (2022). An attractive alternative? China’s approach to cyber governance and its implications for the western model. International Spectator, 57(3), 15-30. doi: https://doi.org/10.1080/03932729.2022.2074710
GASHI, S., IMARALIEVA, T., ABDYKADYROV, S., LAILIEVA, E., & BABAYEV, F. (2024). Research on the impact of artificial intelligence on financial security in the context of modern technological challenges. Revista Interdisciplinar de Ciencia Aplicada, 8(13). doi: https://doi.org/10.18226/25253824.v8.n13.08
GJIKA, J. (2023). Harmonizing Albanian electronic communications law: A comprehensive analysis of European electronic communications code impact. Balkan Social Science Review, 22(22), 189-221. doi: https://doi.org/10.46763/BSSR232222189g
GLASZE, G., CATTARUZZA, A., DOUZET, F., DAMMANN, F., BERTRAN, M.G., BÔMONT, C., & ZANIN, C. (2022). Contested spatialities of digital sovereignty. Geopolitics, 28(2), 919-958. doi: https://doi.org/10.1080/14650045.2022.2050070
GOLDSTEIN, M. (2016). Cravath law firm discloses a data attack. Retrieved from: https://www.nytimes.com/2016/03/31/business/dealbook/cravath-law-firm-discloses-a-data-attack.html
HABERMAS, J. (2022). Reflections and hypotheses on a further structural transformation of the political public sphere. Theory, Culture & Society, 39(4), 145-171. doi: https://doi.org/10.1177/02632764221112341
HAMDAMOVA, F. (2020). Strategy “Digital Uzbekistan-2030”: Prerequisites for adoption, main provisions, mechanisms and prospects of realization. Society and Innovations, 2(1/S), 131-143. doi: https://doi.org/10.47689/2181-1415-vol2-iss1/s-pp131-143
ISO/IEC 27001:2013: Information technology – Security techniques – Information security management systems – Requirements. (2013). Retrieved from: https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en
ISO/IEC 27043:2015: Information technology – Security techniques – Incident investigation principles and processes. (2015). Retrieved from: https://www.iso.org/standard/44407.html
JOHNSON, C.S., BADGER, M.L., WALTERMIRE, D.A., SNYDER, J., & SKORUPKA, C. (2016). Guide to cyber threat information sharing. doi: http://dx.doi.org/10.6028/NIST.SP.800-150
KAROVSKA-ANDONOVSKA, B., & TANESKI, N. (2020). Legal aspects of security in cyberspace. Security Dialogues, 11(1), 99-100. doi: http://dx.doi.org/10.47054/SD2010099ka
KHARCHENKO, V., PONOCHOVNYI, Y., QAHTAN, A.-S.M., & BOYARCHUK, A. (2017). Security and availability models for smart building automation systems. International Journal of Computing, 16(4), 194-202. doi: http://dx.doi.org/10.47839/ijc.16.4.907
KIRSIENE, J., & AMILEVIČIUS, D. (2022). Digital transformation of legal services and access to justice: Challenges and possibilities. Baltic Journal of Law & Politics, 15(1), 141-172. doi: http://dx.doi.org/10.2478/bjlp-2022-0007
KOÇI, A. (2022). Cyber security and legal challenges on managing online data. In: D. Dašić (Ed.), Security Challenges of Modern Society – Dilemmas and Implications. (pp. 187-201). Belgrade: Faculty of Law, Security and Management “Constantine the Great”.
KOLBAYEV, N., TUYENBAYEVA, K., SEITIMBETOVA, D., & APAKHAYEV, N. (2024). Methods of Modelling Electronic Academic Libraries: Technological Concept of Electronic Libraries. Preservation, Digital Technology and Culture, 53(2), 81-90. doi: https://doi.org/10.1515/pdtc-2024-0001
LEESE, M. (2023). Staying in control of technology: Predictive policing, democracy, and digital sovereignty. Democratization, 31(5), 963-978. doi: https://doi.org/10.1080/13510347.2023.2197217
MANKO, D., ZGHAMA, A., ATAMANOVA, N., ARABADZHY, N., & USTINOV, D. (2023). Legal regulation of the digital environment: Digitization of the state-legal and law enforcement sphere. Amazonia Investiga, 12(70), 125-133. doi: https://doi.org/10.34069/AI/2023.70.10.11
MOHAMED, N. (2023). Current trends in AI and ML for cybersecurity: A state-of-the-art survey. Cogent Engineering, 10(2), 2272358. doi: https://doi.org/10.1080/23311916.2023.2272358
MONITORING OF NATIONAL CYBERSECURITY STRATEGY 2020-2025. (2023). https://aksk.gov.al/wp-content/uploads/2024/01/Monitoring-of-the-National-Cyber-Security-Strategy-2022.pdf
NARAYANAN, P.S., ANI, R., & KING, A.T.L. (2020). TorBot: Open-source intelligence tool for dark web. In: G. Ranganathan, J. Chen, Á. Rocha (Eds.), Proceedings of ICICCT 2019 “Inventive Communication and Computational Technologies” (pp. 193-207). Singapore: Springer. doi: https://doi.org/10.1007/978-981-15-0146-3_19
National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity. Cybersecurity Framework. doi: https://doi.org/10.6028/NIST.CSWP.04162018
NGUYEN, M.T., & TRAN, M.Q. (2023). Balancing security and privacy in the digital age: An in-depth analysis of legal and regulatory frameworks impacting cybersecurity practices. International Journal of Intelligent Automation and Computing, 6(5), 1-12.
NURBATYROVA, R., JAPAROV, B., APAKHAYEV, N., ABDULAZIZ, B., & KHUSHKELDIYEVA, S. (2024). Digital Transformation of Archives in the Context of the Introduction of an Electronic Document Management System in Kazakhstan. Preservation, Digital Technology and Culture, 53(3), 147-155. doi: https://doi.org/10.1515/pdtc-2024-0017
OPFER, C. (2021). Jones Day hit by data breach as vendor Accellion hack widens. Retrieved from: https://news.bloomberglaw.com/business-and-practice/jones-day-hit-by-data-breach-as-vendor-accellion-hacks-widen
PALKO, D., BABENKO, T., BIGDAN, A., KIKTEV, N., HUTSOL, T., KUBOŃ, M., HNATIIENKO, H., TABOR, S., GORBOVY, O., & BORUSIEWICZ, A. (2023). Cyber Security Risk Modeling in Distributed Information Systems. Applied Sciences (Switzerland), 13(4), 2393. doi: https://doi.org/10.3390/app13042393
Regulation (EU) 2016/679 of the European Parliament and of the Council On the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. (2016). Retrieved from: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679
Regulation (EU) 2022/1925 of the European Parliament and of the Council On contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828. (2022). Retrieved from: http://data.europa.eu/eli/reg/2022/1925/oj
Regulation (EU) 2022/2065 of the European Parliament and of the Council on a Single Market for Digital Services and amending Directive 2000/31/EC. (2022). Retrieved from: https://eur-lex.europa.eu/eli/reg/2022/2065/oj
Resolution on Issues of Development of Inclusive Education in the Kyrgyz Republic. 2019. Retrieved from: http://cbd.minjust.gov.kg/act/view/ru-ru/14590
SAKHIPOV, A., YERMAGANBETOVA, M., LATYPOV, R., & UALIYEV, N. (2022). Application of blockchain technology in higher education institutions. Journal of Theoretical and Applied Information Technology, 100(4), 1138-1147. doi: http://dx.doi.org/10.1109/ICISCT50599.2020.9351424
SHABALIN, A., SHTEFAN, O., ANDRUSHCHENKO, L., & OLEFIR, V. (2024). Use of digital technologies in judicial proceedings in some countries of Europe and the USA. Measuring Environmental Impacts and Judiciary Environments, the Critical Analysis, 9(1), 1-16. doi: https://doi.org/10.22373/petita.v9i1.218
SIDORENKO, E.L., & VON ARX, P. (2020). Transformation of law in the context of digitalization: Defining the correct priorities. Digital Law Journal, 1(1), 24-38. doi: https://doi.org/10.38044/dlj-2020-1-1-24-38
SULE, M.J., ZENNARO, M., & THOMAS, G. (2021). Cybersecurity through the lens of digital identity and data protection: Issues and trends. Technology in Society, 67, 101734. doi: https://doi.org/10.1016/j.techsoc.2021.101734
ŚWITAL, P., & SKOCZYLAS, D. (2024). The information sphere in the age of cyberthreats. Disinformation and cybersecurity. Teka Commission of Legal Sciences, 17(1), 257-271. doi: http://dx.doi.org/10.32084/tkp.5812
SYARIEF, E. (2022). Security concerns in digital transformation of electronic land registration: Legal protection in cybersecurity laws in Indonesia. International Journal of Cyber Criminology, 16(2), 32-46.
TACHE, C.E.P., & SĂRARU, C.S. (2024). Evaluating today’s multi-dependencies in digital transformation, corporate governance and public international law triad. Cogent Social Sciences, 10(1), 2370945. doi: https://doi.org/10.1080/23311886.2024.2370945
TIKHOMIROV, Y., KICHIGIN, N., TSOMARTOVA, F., & BALKHAYEVA, S. (2021). Law and digital transformation. Law Journal of the Higher School of Economics, 2, 4-23.
TKACHENKO, O., GONCHAROV, V., & JATKIEWICZ, P. (2024). Enhancing Front-End Security: Protecting User Data and Privacy in Web Applications. Computer Animation and Virtual Worlds, 35(6), e70003. doi: https://doi.org/10.1002/cav.70003
TSINDELIANI, I.A., PROSHUNIN, M.M., SADOVSKAYA, T.D., POPKOVA, Z.G., DAVYDOVA, M.A., & BABAYAN, O.A. (2022). Digital transformation of the banking system in the context of sustainable development. Journal of Money Laundering Control, 25(1), 165-180. doi: https://doi.org/10.1108/JMLC-02-2021-0011
WITTING, C. (2005). Duty of care: An analytical approach. Oxford Journal of Legal Studies, 25(1), 33-63. doi: https://doi.org/10.1093/ojls/gqi003
ZENIN, S., KORNEV, A., LIPEN, S., SHEPELEV, D., & TANIMOV, O. (2023). Transformation of law and legal activity in the context of the development of digital technologies. Lex Humana, 15(1), 277-290.
ZYHRII, O., TRUFANOVA, Y., PARASHCHUK, L., SAMPARA, N., & TSVIGUN, I. (2023). Law and technology: The impact of innovations on the legal system and its regulation. Social & Legal Studios, 6(4), 267-275. doi: https://doi.org/10.32518/sals4.2023.267
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Law, State and Telecommunications Review
This work is licensed under a Creative Commons Attribution 4.0 International License.
By submitting this paper to the Law, State and Telecommunications Review,
I hereby declare that I agree to the terms of the Creative Commons Attribution 4.0 International (CC BY 4.0).
