The Indiana University Maurer School of Law recently released “The Emergence of Cybersecurity Law”, an industry whitepaper discussing the role of corporate counsel on preparing for and responding to cyberattacks.

The whitepaper underscores the necessity of corporate counsel shifting from the historical role of post-security incident response to one where they are leading the company’s effort to put in place tools, training and response strategies before the occurrence of a security incident.  This proactive approach, according to the whitepaper, will improve the company’s response and prevent further escalation of the incident.  Corporate counsel’s role includes coordinating the creation of a cybersecurity plan for the organization, working with IT, risk management, the board and senior management. The whitepaper highlights 10 points of focus for corporate counsel, including working with legal counsel familiar with a cybersecurity program, training employees on incident avoidance and breach response and looking at potential insurance coverage to manage risks.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Kathleen Porter Kathleen Porter

Kathy Porter’s practice straddles the areas of intellectual property, business transactions, trade regulation, and Internet law and includes import/export control issues, such as compliance and enforcement, competition, privacy, and data security. She counsels businesses on the development and implementation of data security and…

Kathy Porter’s practice straddles the areas of intellectual property, business transactions, trade regulation, and Internet law and includes import/export control issues, such as compliance and enforcement, competition, privacy, and data security. She counsels businesses on the development and implementation of data security and privacy practices to comply with the patchwork of laws and rules applicable to the collection, use, safeguarding, sharing, and transfer of protected or personal data. She regularly structures arrangements with promoters, marketers, website exchanges, and other third parties for the purchase, sale, sharing, and safeguarding of personal data. Kathy prepares and negotiates representations, warranties, and indemnities regarding personal or protected data and privacy and data practices. She also assists clients with privacy audits and works with third-party certification organizations to obtain certification of companies’ privacy practices. She guides clients through internal investigations to assess and address notice and other obligations regarding privacy breaches. Kathy often works closely with our litigation attorneys to manage external investigations such as those by federal or state regulators. Read her rc.com bio here.