Legal and compliance issues are top of mind for organizations today, particularly as AI advances pick up steam and employers grapple with a still-changing regulatory landscape in the second year of a new administration. And according to new research, organizations increasingly feel less prepared to address litigation risk.
The share of organizations involved in at least one lawsuit last year remained flat from the previous year—and the average number of suits declined slightly, according to Norton Rose Fulbright’s 2026 Litigation Trends Survey. However, in its survey of 400 U.S. general counsel and in-house litigation leaders, the firm found that the share of respondents who felt “very prepared” to address litigation plummeted between 2024-25: from 46% to 29%.
Kimberly Cheeseman, co-head of Norton Rose Fulbright’s Litigation and Disputes department, says the dip in preparedness in 2025 was likely a byproduct of the shift from the Biden to Trump administrations.
“Whenever there is a change in administration,” she says, “employers face a period of uncertainty as new regulatory agendas and enforcement priorities take shape.”
This is “especially pronounced” in the employment realm, she adds.
Researchers found that resource constraints could also be an influence: In-house litigation teams are shrinking, and hiring for law departments is slowing.
“While litigation spend remained steady last year, the share allocated to outside counsel declined; organizations are also reducing the number of firms they use for litigation,” researchers write.
Cybersecurity in focus
What litigation issues could be coming down the pike? The report suggests cybersecurity is going to remain a “dominant threat” for organizations.
Data breaches are on the rise, and federal oversight is dialing back, creating a “fragmented landscape” that is driving up the need for “proactive governance” to tackle both cybersecurity incidents and compliance gaps, researchers write.
“HR plays a critical role in strengthening cybersecurity because so much of an organization’s risk profile depends on employee behavior,” Cheeseman says.
Primarily, HR can shape a “culture of compliance,” setting the tone for how the workforce views security, which Cheeseman says is strongly linked to reducing the frequency and severity of cybersecurity incidents.
Partnering with IT will be critical, she adds.
“One key opportunity is the ability to reduce insider‑risk incidents by combining HR’s understanding of employee behavior and workplace dynamics with IT’s technical monitoring and response capabilities,” Cheeseman says.
A shifting risk landscape
While about 38% of organizations identified cybersecurity as the greatest area of risk in 2025, employment and labor disputes closely followed. About one-third of survey respondents expect that legal exposure in this area will increase in the next year.
Among those, they’re increasingly concerned about issues like disability accommodations and paid leave—and less about risk related to discrimination and harassment in the workplace, the report found.
Cheeseman says one area for HR opportunity is manager training: Ensure supervisors can identify the red flags suggesting an employee is facing an accommodations or leave issue so requests don’t fall through the cracks and exposure the organization to litigation.
“HR can reduce risk by creating a consistent, well‑documented process,” she says, “that prioritizes early engagement and clear communication.”
Credit: Source link
