Cybersecurity is a growing concern for GCs


By Melissa Lesh

19 March 2014 at 12:06 BST


Lawyers at the International Association of Privacy Professionals Global Summit said companies should develop a protocol for revealing cybersecurity threats.

Moon Light PhotoStudio

The Security and Exchange Commission (SEC) does not force companies to reveal cybersecurity breaches, but it has begun to review public company disclosures.  At present, ‘there is no existing rule, requirement or regulation that actually references cybersecurity,’ Elaine Wolff, a partner at Jenner & Block and moderator of the session on the SEC and cybersecurity, told delegates. She referenced the 2013 data breach at Target Corp for which there was no official protocol to disclose it to shareholders or the SEC.

The primary issue

The SEC will review its own cybersecurity policies in the coming year, and it is currently working on a data breach preparedness test for companies.  Quoting a recent survey, Mary Ellen Callahan, chair of Jenner & Block’s Privacy and Information Governance Practice, said general counsel had  named cybersecurity their primary issue for three years running.  Source: Bloomberg BNA
 

 
   
 
 
 

Also read...

Newspaper finds veteran legal counsel at heart of Google scandal

A scandal that engulfed Google had a veteran Silicon Valley corporate counsel at the heart of it all, says New York Times.