Does the board of directors' duty of oversight over their companies' cybersecurity require the individual directors to become experts on cybersecurity? That is a fair question and one that I've seen many people have difficulty understanding. The answer is "no," as explained by Michael Santarcangelo (@catalyst) in his CSO article Why the board needs security leaders [...]
A good friend recently shared with me the article Verizon GC on the Lessons Learned from Deal with Yahoo (use Linkedin for paywall access) because he thought it would be valuable information to add to my own cybersecurity knowledge toolbox. Given the experience Verizon’s GC has gained through this process, when he talks about lessons […]
I was a guest recently on the Down the Security Rabbithole Podcast to talk about cybersecurity law with hosts Rafal Los (@Wh1t3Rabbit) and Michael Santarcangelo (@Catalyst). As always, it was a blast! Listen to the Podcast Join the #DtSR Discussion on Twitter For more great #DtSR content, check out the full Down the Security Rabbithole Podcast homepage and also check […]
What are the pros and cons of a national breach notification law? What are the questions that need to be asked to facilitate this discussion? What are the critical points that need to be made?