Cybersecurity is a team sport and many people within a business must work together to help effectively manage their businesses’ cyber risk. In-house counsel plays a critical role in this process. A recent Law360 article (subscription required) identified the following key things they can do:
- Develop, implement, and table-top test an incident response plan
- Advise executives on their ethical obligations (and make sure to mention insider trading on knowledge of cyber incidents)
- Have an awareness of applicable laws and regulatory standards
- Understand and help manage third-party risk from vendors and business partners
I am adding one more because it is critical: Ensure the business has appropriate cyber insurance to address its unique risks.