A good friend recently shared with me the article Verizon GC on the Lessons Learned from Deal with Yahoo (use Linkedin for paywall access) because he thought it would be valuable information to add to my own cybersecurity knowledge toolbox. Given the experience Verizon’s GC has gained through this process, when he talks about lessons [...]
"Can I be held personally liable for my company's data breach?" That is one of the questions I am asked most frequently. The answer is "YES!" though the usual reasons provided are not nearly as straightforward as the one discussed in the video below.
The CIO Journal has an informative article, 4 Ways to Engage Executives in Cyber Risk, that discusses a handful of ideas that can be helpful for engaging company executives on the issue of cybersecurity risks. Here are the 4 steps it suggests: Host a cyber risk heat-mapping session Establish key risk and performance indicators Simulate [...]
Officer and director liability for cybersecurity incidents is a hot topic. It will only get hotter because, when it comes to risks impacting the company, the buck stops at the Board of Directors. As it should. Cybersecurity and corporate governance law are converging to develop a duty for the Board to be involved in cybersecurity issues [...]
In his latest Ethical Boardroom article, Shawn Tuma explains why it is important for board members to have an active role in their company's cybersecurity preparation and tells them several key steps they can take to do so. Tuma also explains why cybersecurity is as much a legal issue and business issue as it is [...]