IT has an indisputably important role in implementing a defense-in-depth cybersecurity strategy, however, the legal team is also a crucial part of a company's cyber program. With input from technical and legal experts, this three-part series addresses what attorneys need to understand about how security technologies are used to mitigate breach risk. This first installment explores the knowledge base needed depending on the lawyer’s role, whether security certification is necessary, technology’s overall role in mitigating risk, and surveys certain technologies and techniques, such as pen testing. Part two will address additional security techniques, including red teaming, vulnerability scanning and social engineering. Part three will cover cloud security and hacking back and its potential value in securing data. See also our three-part series on when and how legal and information security should engage on cyber strategy: “It Starts With Governance” (Mar. 28, 2018); “Assessments and Incident Response” (Apr. 11, 2018); “Vendors and M&A” (Apr. 18, 2018).