An independent cybersecurity review across major Minnesota law firms reveals a wide range of results. Many organizations handle sensitive communications daily, yet show significant gaps in email authentication and transport security.
Using data from audit.emailmenow.com, we evaluated each domain across email, website, and network security — including SPF, DKIM, DMARC, MTA-STS/TLS, and security headers.
Cybersecurity Scores of Major Minnesota Law Firms
Overall compliance scores from audit.emailmenow.com, measured June 5, 2026. Re-run any domain at the link to verify. Briggs and Morgan combined with Taft effective January 1, 2020 — score audited on taftlaw.com.
| Rank | Law Firm | Overall Score | Performance |
|---|---|---|---|
| 1 | Dorsey & Whitney | 60% | Above Average |
| 2 | Larkin Hoffman | 58% | Average |
| 3 | Winthrop & Weinstine | 54% | Average |
| 4 | Robins Kaplan | 48% | Below Average |
| 5 | Stinson | 48% | Below Average |
| 6 | Faegre Drinker | 44% | Below Average |
| 7 | Briggs and Morgan (Taft) | 38% | Weak |
| 8 | Fredrikson & Byron | 38% | Weak |
| 9 | Leonard Street Deinard | 38% | Weak |
| 10 | Gray Plant Mooty | 30% | Weak |
What the Results Reveal
- Best performer: Dorsey & Whitney leads at 60% — no firm reached 70%+.
- Lowest performer: Gray Plant Mooty at 30%.
- 9 of 10 scored below 60%, leaving client communications exposed to spoofing and BEC.
- Common gaps include weak DMARC enforcement and missing MTA-STS.
Why This Matters in Minnesota
Minnesota law firms handle privileged client information across corporate, litigation, and regulatory matters. Weak email security increases Business Email Compromise, domain spoofing, and confidentiality risks under the Minnesota Rules of Professional Conduct.
See also — national audit
Recommendations
- Enforce DMARC (
p=reject), strict SPF, and DKIM signing. - Add MTA-STS and website security headers.
- Run periodic domain audits and security awareness training.
Check any organization’s posture. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=law-firms.
Contact EmailMeNow IT Consulting for help with email security hardening and compliance documentation.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com, measured June 5, 2026 — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.