Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Chief Legal Officers Taking Lead In Cybersecurity Policy, ACC Reports
In addition to helping make strategic business decisions, general counsel and chief legal officers are now often tasked with playing a leading part in a corporate cybersecurity and data privacy plan, according to the Association of Corporate Counsel's 2020 State of Cybersecurity Report.
The report shows that 71% of chief legal officers and general counsel play a leading role in crafting policy for how the company collects consumer data and its cybersecurity infrastructure.
Susanna McDonald, the chief legal officer and executive vice president of the ACC in Washington, DC, said earlier in her career those responsibilities were solely dedicated to the information technology department. The shift in giving more digital responsibility to the general counsel and the legal department has been caused by a patchwork of evolving regulation.
"More and more business is being conducted online. It is every company's primary engagement with their suppliers, customers and employees," McDonald said.
The legal department as a whole is becoming more involved with data privacy and cybersecurity. Forty-nine percent of respondents indicated their legal departments take on additional responsibilities when it comes to data privacy and cybersecurity. Less than 1% of respondents said their legal departments would decrease their role over the next 12-24 months.
Those increased responsibilities for the legal department would be keeping an eye on changes in the regulatory environment and following how decisions by the regulatory agencies impact how the organization collects and uses data.
McDonald said in-house counsel are also becoming increasingly responsible for educating employees on best practices.
"It's an unfortunate reality that the biggest threat to an organization's cybersecurity is the employees themselves. It's important that the legal department and the IT department work closely to educate employees on how to prevent something like a phishing attack," McDonald said.
Just over 43% of legal departments with over 50 employees have at least one dedicated in-house cybersecurity counsel. Sixty percent of those respondents indicated that they have at least one lawyer who is responsible for coordinating cyber law strategy across the entire enterprise.
The remaining 40% of those respondents said they have a lawyer who focuses on one small aspect of cybersecurity, but on one who is responsible for an enterprise wide view of cybersecurity.
While general counsel and chief legal officers may play a leading role in cybersecurity and data privacy planning, they often do not have the final say, according to the report. Only 17% of respondents indicated the general counsel or chief legal officer oversees their company's cybersecurity and data privacy functions.
Many of the respondents indicated their companies have separate data privacy and cybersecurity functions. In those situations, 45% of respondents indicated the general counsel or chief legal officer oversees the data privacy function but not the cybersecurity function. The inverse of that is rare with only 1% of general counsel or chief legal officers overseeing cybersecurity and not data privacy.
The report surveyed 586 law departments across 36 countries and 20 industries.
*****
Dan Clark covers cybersecurity, legal operations and intellectual property for Cybersecurity Law & Strategy's ALM sibling, Corporate Counsel. Follow him on Twitter @Danclarkalm.
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
How Secure Is the AI System Your Law Firm Is Using?
In a profession where confidentiality is paramount, failing to address AI security concerns could have disastrous consequences. It is vital that law firms and those in related industries ask the right questions about AI security to protect their clients and their reputation.
COVID-19 and Lease Negotiations: Early Termination Provisions
During the COVID-19 pandemic, some tenants were able to negotiate termination agreements with their landlords. But even though a landlord may agree to terminate a lease to regain control of a defaulting tenant's space without costly and lengthy litigation, typically a defaulting tenant that otherwise has no contractual right to terminate its lease will be in a much weaker bargaining position with respect to the conditions for termination.
Pleading Importation: ITC Decisions Highlight Need for Adequate Evidentiary Support
The International Trade Commission is empowered to block the importation into the United States of products that infringe U.S. intellectual property rights, In the past, the ITC generally instituted investigations without questioning the importation allegations in the complaint, however in several recent cases, the ITC declined to institute an investigation as to certain proposed respondents due to inadequate pleading of importation.
The Power of Your Inner Circle: Turning Friends and Social Contacts Into Business Allies
Practical strategies to explore doing business with friends and social contacts in a way that respects relationships and maximizes opportunities.
Authentic Communications Today Increase Success for Value-Driven Clients
As the relationship between in-house and outside counsel continues to evolve, lawyers must continue to foster a client-first mindset, offer business-focused solutions, and embrace technology that helps deliver work faster and more efficiently.