The Indiana University Maurer School of Law recently released “The Emergence of Cybersecurity Law”, an industry whitepaper discussing the role of corporate counsel on preparing for and responding to cyberattacks.
The whitepaper underscores the necessity of corporate counsel shifting from the historical role of post-security incident response to one where they are leading the company’s effort to put in place tools, training and response strategies before the occurrence of a security incident. This proactive approach, according to the whitepaper, will improve the company’s response and prevent further escalation of the incident. Corporate counsel’s role includes coordinating the creation of a cybersecurity plan for the organization, working with IT, risk management, the board and senior management. The whitepaper highlights 10 points of focus for corporate counsel, including working with legal counsel familiar with a cybersecurity program, training employees on incident avoidance and breach response and looking at potential insurance coverage to manage risks.