You would not tolerate an associate with uniform confidence for very long. It makes them less useful, not more, because you cannot triage your review. Every assertion demands the same level of scrutiny. Yet this is precisely how every major large language model operates today. And the artificial intelligence industry’s proposed solution — spending billions to marginally reduce hallucinations — fundamentally misunderstands what lawyers actually need.
Businesses subject to the CCPA now must conduct risk assessments for certain types of processing activities and, starting in 2028, must certify to California regulators that they completed the assessments.
On Dec. 5, 2025, New York Governor Kathy Hochul signed into law a set of amendments to the New York Uniform Commercial Code which create a new article, Article 12, covering a broad range of digital assets, with various associated changes to other UCC provisions.
The U.S. Securities and Exchange Commission should ease the disclosure requirements of public companies, including those related to insider trading and cybersecurity, SEC Commissioner Mark Uyeda said.
As we enter 2026, the winners will be those who operationalize compliance as a capability by linking AI governance, privacy discipline, and cybersecurity resilience to business enablement.
The Verification-Value Paradox states that increases in efficiency from AI use “will be met by a correspondingly greater imperative to manually verify” the outputs. The result is that the net value of AI in many legal contexts may be negligible once verification is honestly accounted for. For low-stakes tasks, verification costs are light. For core legal work, verification costs are heavy. That’s the tension.
An annual tradition continues at Cybersecurity Law & Strategy as we poll our panel of experts on the key developments of 2025 and what we can expect in 2026 in AI, privacy, e-discovery and other areas of legal tech.
The latest data underscores that no sector or business is immune, and the financial, operational, and reputational stakes have never been higher. Against this backdrop, the 2025 NetDiligence Cyber Claims Study offers invaluable insights into the most pressing risks and trends shaping today’s cyber landscape.
Given how the threat landscape is evolving, structured data expertise is no longer a niche specialty
When a cyberattack occurs, time is the most valuable asset. Much like law enforcement’s “first 48” hours rule in criminal investigations, the first 72 hours of a cyberattack, often referred to collectively as the “golden hour,” are crucial. Early action preserves critical evidence, prevents further harm, and increases the chance of a successful resolution.
