Skip to content

Cybersecurity Compliance

Legal Departments’ Scope Is Expanding According to Survey of Chief Legal Officers

February 2, 2024

Download the report today

For the 25th consecutive year, the Association of Corporate Counsel has conducted its survey of the highest-ranking legal officers in major US and international enterprises, publishing the results (in partnership with Exterro) in the 2024 ACC Chief Legal Officers Survey. This year the survey polled over 600 CLOs and general counsel representing companies in 20 industries and 31 countries. 

And what’s the biggest takeaway that we see? CLOs and enterprise legal teams are responsible for more areas than ever–and they’re demanding more attention from legal professionals. 

The majority of CLOs oversee at least three additional business functions beyond legal.

Fifty-eight percent of CLOs oversee three or more additional business functions beyond legal and 27 percent oversee five or more. These most commonly include areas such as privacy (44 percent), ethics (43 percent), and risk (38 percent), but also can include areas such as environmental, social, & governance (ESG) (24 percent), government affairs (22 percent), cybersecurity (14 percent), and human resources (14 percent).

And this isn’t just functional oversight. These areas are major priorities for these organizations, and consequently for CLOs and their teams.

Regulations and enforcement keep CLOs up at night. 

The top three issue areas impacting organizations that keep CLOs up at night are regulations and enforcement (53 percent), privacy and data security (41 percent), and cybersecurity threats (37 percent). Outside of the US, talent retention is the top issue (42 percent), and cross-border work is more pronounced (24 percent), while litigation is a greater concern in the US. 

And that’s really important to note–litigation, once the bread and butter of legal departments, ranks behind several other concerns for legal officers. When asked about data threats, CLOs are concerned about data breaches, regulatory enforcement, and other cybersecurity threats–all ahead of litigation. But it’s not that litigation doesn’t matter to CLOs; it does. But it’s only part of the puzzle, not the dominant issue.

CLOs continue to face intense pressure to do more with less.

Of course they are, given their expanding responsibilities!

Forty-two percent of CLOs say their legal department received a cost-cutting mandate from their organization over the past year. At the same time, 58 percent of legal departments have been impacted by law firm rate hikes, with 23 percent of CLOs saying the increases have been difficult to manage. Accordingly, the results show a decrease in the percentage of departments saying they will add staff in 2024 and a decrease in the amount of work being sent to law firms and other vendors. 

What’s the most effective way to get a handle on these expanding, but also overlapping problems? Through effective data risk management. Modern organizations collect, retain, and analyze more data, of more types, from more sources than ever before. Data can be the key to maximizing revenue… but it also poses serious risks. Privacy regulations, civil litigation, and data breaches are three major risks that demand attention from CLOs and their teams–and they can have major impacts on the bottom line.

The need for holistic, integrated data risk management

The fact of the matter is that no person, or even team, can successfully maintain an accurate, up-to-date, comprehensive data inventory for a modern enterprise without advanced technology. There is too much data, stored in too many platforms, spanning traditional on-premises infrastructure and private, public, and hybrid cloud locations. Companies and even departments add and remove new communications and storage platforms routinely–and it’s not likely they’re taking the time to inform legal, privacy, compliance, risk management, and cybersecurity every time they do so. But if there’s a problem, those departments and their leaders will have to find the solution.

No one knows this better than Exterro. No company in our space helps more large organizations preserve, manage and analyze their data than we do. We help our clients manage Exabytes of data every day. It is fairly routine for Exterro clients to manage thousands and in many cases millions of custodian data sources. As more and more data and data sources are added every day, the burden on CIOs, CISOs, CPOs and especially Chief Legal officers grows, due to heightened levels of governance and compliance risk that Exterro is uniquely qualified to address. Exterro offers organizations the fastest way to find, identify, and classify personally identifiable information and sensitive data, determine compliance with policies and regulations, and calculate data risks across complex, enterprise data landscapes.

If you’re looking to learn more lessons from the 2024 ACC Chief Legal Officers Survey, download your complimentary copy of the report today.  

Sign Up for Alerts

Get notified when new content for specific topics is available.

Sign Up