Lawyers Must Master Cybersecurity Risk Management According to Study

New study provides cybersecurity insights for corporate counsel (Hogan Lovells, 24 Feb 2015) – A recently-released research study published by Indiana University’s Bloomington School of Law highlights the rising importance of cybersecurity law and provides current insights on the role lawyers are playing to help protect companies from cyber threats. The study, entitled “ The Emergence of Cybersecurity Law ,” is based on a survey of corporate law departments as well as interviews conducted with lawyers, consultants, and academic experts. The report finds that although companies increasingly recognize the importance of cybersecurity, few are fully prepared to face the challenge. Substantial numbers of corporate leaders lack confidence in their organizations’ level of preparedness-in part the result of a shortfall of cybersecurity literacy within organizations. While cybersecurity may once have been the domain of IT professionals, companies now recognize that having legal and other disciplines engaged is also necessary. The implication is that lawyers must master the patchwork of legal issues and regulations relevant to cybersecurity risk management, while developing sufficient technical vocabulary to ask the right questions of their IT counterparts. Despite the accelerating frequency of cybersecurity incidents, the report finds that companies still too often turn to lawyers only as a reactive measure rather than as part of a proactive process. To help companies protect their employees and customers from cyber threats, the report recommends that corporate counsel follow a 10-point cybersecurity agenda first proposed in 2012 by Hogan Lovells Partner Harriet Pearson: * * *


Provided by MIRLN.

Image courtesy of