Business leaders are beginning to understand that cyber is not just an IT issue, a legal issue, or any other silo-ed issue, but that it is an overall business risk issue and that makes managing cyber risk a team sport. This week I had the privilege of moderating a panel discussion that was titled "Sharing … Continue reading Sharing the Load: What are Chief Privacy Officers, Chief Information Security Officers, and General Counsel Doing in Real Life to Divide Up Roles and Responsibilities? (conference panel discussion)
Cybersecurity is a team sport and many people within a business must work together to help effectively manage their businesses' cyber risk. In-house counsel plays a critical role in this process. A recent Law360 article (subscription required) identified the following key things they can do: Develop, implement, and table-top test an incident response plan Advise … Continue reading 5 Key Things In-House Counsel Can Do to Help Their Businesses’ Cybersecurity
In my latest article in Ethical Boardroom article, I explain some of the not-so-obvious reasons why you need an experienced cyber attorney on your team: Why you need a cyber attorney (Spring 2018) Here are other Ethical Boardroom (@EthicalBoard) articles that I have written or contributed to that are also available for free: Cybersecurity: A Fiduciary Duty … Continue reading Why do you need a cyber attorney? Shawn Tuma explains in Ethical Boardroom
“Corporate insiders who learn inside information, including information about material cyber intrusions, cannot betray shareholders for their own financial benefit.” Richard R. Best, SEC - Atlanta Division For years many in the cybersecurity/data breach space have been saying that somebody is going to have to go to jail before corporate decision-makers begin to take cybersecurity … Continue reading Do data breaches have consequences? Will Equifax CIO serve jail time for insider trading?
In the last quarter of 2017, I have observed a cybersecurity trend that has given me more hope than any that I have seen previously. Let me explain. As an attorney, I have been practicing what can generally be described as cyber law or cybersecurity law since 1999, which means that my practice has evolved a lot … Continue reading The Most Positive Cybersecurity Trend I Have Seen in Nearly 20 Years!