Cybersecurity is a growing concern for GCs

By Melissa Lesh

19 March 2014 at 12:06 BST

Lawyers at the International Association of Privacy Professionals Global Summit said companies should develop a protocol for revealing cybersecurity threats.

Moon Light PhotoStudio

The Security and Exchange Commission (SEC) does not force companies to reveal cybersecurity breaches, but it has begun to review public company disclosures.  At present, ‘there is no existing rule, requirement or regulation that actually references cybersecurity,’ Elaine Wolff, a partner at Jenner & Block and moderator of the session on the SEC and cybersecurity, told delegates. She referenced the 2013 data breach at Target Corp for which there was no official protocol to disclose it to shareholders or the SEC.

The primary issue

The SEC will review its own cybersecurity policies in the coming year, and it is currently working on a data breach preparedness test for companies.  Quoting a recent survey, Mary Ellen Callahan, chair of Jenner & Block’s Privacy and Information Governance Practice, said general counsel had  named cybersecurity their primary issue for three years running.  Source: Bloomberg BNA


Also read...

Antitrust's crime and punishment

Global antitrust trends see politicisation and digital economy posing risks as regulators up policing and enforcement.