In today’s companies the sphere of influence of CIOs is dramatically increasing vis-a-vis other C-Suite executives. This point was nicely made in a blog I read earlier this morning entitled CIO’s Seven Points of Key Influences that was written by Pearl Zhu. I believe that influence is even broader and also includes influence over legal issues as well.
Pearl’s post discusses the seven points of CIO’s influences: Strategy, Innovation, Technology, Culture, Talent, Sustainability, and Influencer. In fact, Pearl appropriately describes the CIO as being the Chief Influence Officer:
“Chief influence officer is the most persistent persona for CIO in 21st century, since the technology is ubiquitous in information age, however, the traditional big-box hardware style of IT infrastructure is disappearing, and more invisible digitized IT backbone based on Cloud computing is emerging, modern CIO is no longer just a chief infrastructure officer to manage back-office of functional IT, the strategic role is more based on the influence made across the organizational boundary, from innovation to sustainability, from talent management to cultural transformation.”
I agree! I would encourage you to read her blog as her arguments are convincing. But, I would also add an eighth:
Few would disagree that data breach has been one of the leading news stories of the year. This is not going to change any time soon as we continue to learn about more and more data breaches on a daily basis. When a company is hit with a data breach, it can cause catastrophic harm to the company’s bottom line in many ways because of the legal implications associated with the breach, whether it be an internal breach or the more notorious external hacking.
These events can be so substantial that they can threaten the very life of the company. Who other than the CIO is best equipped to understand the technical and practical side of these issues? Just consider the follow issues, which are becoming more and more common issues that companies need to address in the Information Age:
Securing the network from outside intrusion;
Determining appropriate insurance coverage to protect against data breach and privacy risk;
Developing appropriate policies for computer access and use;
Integrating technological restrictions on access to certain information;
Developing and implementing systems for monitoring or, at least, recording certain activities on the computer network; and
Securing and preserving reliable information for investigators concerning what information is compromised and, when possible, securing all available data to potentially track the intruder.
These are just a few of the issues that I thought of based upon recent “real world” events — I am sure you can think of many more. Come on, help me out here — tell me in the comments what other legal issues you can think of!
Oh, and there is one more — one that is particularly important: Last, but not least, the CIO can a great help in finding great outside legal counsel to assist with handling all of these issues!
Shawn is an experienced cybersecurity and data privacy attorney who helps businesses protect their information and protect themselves from their information. He has been practicing in this area for nearly two decades and represents clients across the United States in dealing with cybersecurity, data privacy, computer fraud related legal issues and cyber-related litigation.
In recognition of his extensive experience, in 2016 the National Law Journal selected him as one of its Cybersecurity & Data Privacy Law Trailblazers, D Magazine selected him as one of the Best Lawyers in Dallas, and SuperLawyers selected him as one of the Top 100 Lawyers in Dallas / Fort Worth.
Shawn frequently assists clients with privacy incidents and data breach responses, both as cyber insurance panel counsel and direct engagements. For proactive companies, an ideal role for him is to serve as a member of their team as outside cybersecurity counsel to help them proactively prepare for and minimize its risks of doing business in today’s cyber risk-laden business world. Then, if a problem does arise, he is there to guide them through resolving those issues as well.
He has worked his entire career as both a cyber lawyer and a complex business trial lawyer, which is a relatively unique combination. His cyber law, business law, and litigation experience equips him with unique skills for helping businesses assess, avoid, and resolve problems in a very expeditious manner.
He has developed a unique expertise that allows him to help businesses assess the specific risks they face, audit their existing preparation and defenses, develop a strategy to minimize the identified risks based on threat level, and then execute the plan by developing and implementing protocols, policies, training, and coordinating third party assistance needed to effectively protect the business, complying with their legal and regulatory cybersecurity risks.
Shawn serves the Bar and Profession in many capacities and has been selected for several professional honors:
• Board of Advisors, University of North Texas Cyber Forensics Lab
• Board of Directors & General Counsel, Cyber Future Foundation
• Cybersecurity & Data Privacy Law Trailblazers, National Law Journal (2016)
• Top 100 Lawyers in Dallas / Fort Worth, SuperLawyers (2016)
• SuperLawyers 2015-16 (IP Litigation)
• Best Lawyers in Dallas 2014-16, D Magazine (Digital Information Law)
• Council, Computer and Technology Section, State Bar of Texas
• Chair, Collin County Bar Association Civil Litigation & Appellate Section
• College of the State Bar of Texas
• Privacy and Data Security Committee of the State Bar of Texas
• Litigation, Intellectual Property, and Business Sections, State Bar of Texas
• Information Security Committee of the Section on Science & Technology Committee of the American Bar Association
• Social Media Committee of the American Bar Association
• North Texas Crime Commission, Cybercrime Committee
• Information Systems Security Association (ISSA)
• International Association of Privacy Professionals (IAPP)
• Advisory Board, Optiv Security (fka Accuvant + FishNet Security)
• Contributor, Norse’s DarkMatters
• Editor, Cybersecurity Business Law Blog
Shawn is an accomplished author with several published works on various legal-technology topics. He is a frequent speaker on business cyber risk issues such as cybersecurity, computer fraud, data privacy, and social media law. You can reach Shawn by telephone at 214.472.2135, or email him at firstname.lastname@example.org.
A list of Shawn’s recent presentations and publications is available here: https://shawnetuma.com/about-the-author/presentations-publications/
View all posts by Shawn E. Tuma