Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why every CIO needs a cybersecurity attorney

Kacy Zurkus | Aug. 5, 2015
Distinguishing the technical experts from those responsible for legal obligations and risks will help companies develop better breach response plans. Understanding the role of an external cybersecurity firm will only help.

Cybersecurity attorneys are experts in incident response, and, as Thompson says, "Counsel and public relations should run the incident. IT provides them with the information to make decisions, but in reality, 99 percent of incident response and forensics is run through IT, not counsel." The risk in IT running the incident response is that they are not versed in the policies and procedures of custodianship of data.

If their budgets present limitations, in-house attorneys who are informed on cybersecurity laws can play similar roles in response planning. According to Sheehan, "If there is no in-house counsel, they should examine their budget to prioritize having outside counsel, which will save money in the big picture by decreasing the impact of breach and litigation expenses."


Previous Page  1  2  3 

Sign up for Computerworld eNewsletters.