3 Key Points the Board Needs to Know About Cybersecurity

Officer and director liability for cybersecurity incidents is a hot topic. It will only get hotter because, when it comes to risks impacting the company, the buck stops at the Board of Directors. As it should.

Cybersecurity and corporate governance law are converging to develop a duty for the Board to be involved in cybersecurity issues that affect the company. (related posts) The question is, however, on how granular of a level should the Board’s role be when it comes to cybersecurity?

In a recent CIO article, What the Board Needs to Know About Cybersecurity Compliance, Peter Purcell explains why the Board should focus on the following 3 areas, which are well worth your time to read:

  1. How critical business processes would be affected by a breach
  2. How decisions are made in an emergency
  3. How company compliance can impact a breach

______________________

Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s