1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Enterprises overlook legal issues in breach preparedness

Discussion in 'CSO' started by RSS, May 1, 2015.

  1. RSS

    RSS New Member Member

    Companies preparing for data breaches and cyber security incidents too often focus on the technology and overlook the legal aspects.

    In a recent study by Hanover Research, for example, while about 54 percent of companies conducted a cyber threat audit -- but only 33 percent involved their legal departments in the process.

    "Companies are more likely to involve lawyers as a reactive measure, after an incident has occurred, rather than as a proactive measure," researchers said in their report, which was based on a survey of corporate law departments conducted on behalf of Indiana University's Maurer School of Law.

    MORE ON CSO: 10 mistakes companies make after a data breach

    This is a problem, because IT or security staff typically focus on physical and electronic security, not necessarily the legal, compliance, or privacy issues of a data breach, said Scott Vernick, the head of the data protection and privacy practice at the law firm of Fox Rothschild LLP, in Philadelphia.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page