CYBERSECURIT Y
Three Best Practices for Preparing a Defensible Breach Response Plan By RAY PATHAK they happen. Instead, they must be proactively engaged in defining an incident response plan, training the staff to carry out the plan and coordinating the activity during the event. And they need to start now.
NEW CHALLENGES FOR THE GENERAL COUNSEL
F
ootball teams understand that it’s hard to be a contender without an elite quarterback running their offense. A top-tier quarterback excels at real-time situational awareness, clear communication with key personnel, and making sound decisions that put the team in a position to win. In a breach situation, the general counsel must serve as the primary signal-caller, ensuring that all of the legal facets of incident response are coordinated
18
across a large and growing set of internal and external stakeholders. The ACC’s 2021 Chief Legal Officers Survey found that “cybersecurity, compliance, and data privacy top the list as the most important issue areas for businesses rated by CLOs. However, this year for the first time, cybersecurity has overtaken compliance for the number one spot.” Because the stakes are so high, the general counsel can no longer afford to be passive and react to data incidents and breaches as
TODAYSGENERALCOUNSEL.COM JULY/AUGUST 202 2
Beyond navigating through evolving regulatory challenges, the general counsel must also grapple with today’s most pressing cyberthreat — ransomware, and the real possibility that a data breach will expose them to financial penalties for not taking proper care of their customer’s private information. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) recently ruled that the payment of a ransom might violate federal anti-terrorism laws. This means organizations may find themselves in an impossible position: Either pay up to save your data and risk criminal exposure or face expensive fines for violating data privacy laws. And if that weren’t bad enough, criminals are getting more devious with their tactics. New threats are being deployed, such as “double extortion,” by which ransomware operators not only demand payment to decrypt files but also threaten to leak sensitive data as a means to exert additional pressure to extract payments. For general BACK TO CONTENTS
