IN THE PROFESSION
• interest to underwriters and carriers in the cyber space : ¤ The number of records containing personal data processed by your business
¤ The content and frequency of security training provided to your employees and contractors ( e . g ., around phishing )
¤ Tools used to block malicious software and attachments
¤ Authentication of remote users ( e . g ., multi-factor authentication )
¤ Type and cadence of vulnerability scans and penetration tests
• Vendor Management Protocols : As some recent ( and not-so-recent ) data breaches have shown , sometimes the weakest link in your security posture is a third ( or fourth ) party which may not have the same controls in place as you do . Having a process in place for screening and monitoring vendors
( even ones that might not seem that mission critical ) is key .
Key Takeaways
Cybersecurity is increasingly an indispensable and unavoidable aspect of any corporate counsel ’ s or business attorney ’ s portfolio . Boards and potential investors are increasingly focused on it , and regulators ( and plaintiffs ’ attorneys ) certainly are . Attorneys need to educate themselves about the various mitigation strategies and honestly assess whether they have the expertise and resources to develop and implement a sufficient mitigation strategy , or whether to seek outside counsel . The Atlanta Bar ’ s Privacy & Cybersecurity Section was created , in part , to serve as a network through which corporate and business counsel can find the education , resources , and professionals they need to serve their clients in this rapidly evolving area . Join us !
Have You Ever Wanted to be Published ?
The Editorial Board invites you to submit your articles and article ideas to be considered for publication in upcoming issues of The Atlanta Lawyer . Submit your ideas to jcoleman @ atlantabar . org
atlantabar . org
PHOTO CREDIT : PIXABAY . COM www . atlantabar . org THE ATLANTA LAWYER 25