According to a recent report from Kroll, a cybersecurity research and consulting firm, the need for more holistic data security will be of the utmost importance to the C-suite in the next year. Not only is the increased activity in cybercrime expected to continue to climb, but more scrutiny is expected to be placed on the executives responsible for making the decisions concerning data protection and privacy.

Kroll’s 2014 Cyber Security Forecast indicates that increasing pressure from regulatory bodies like the Federal Trade Commission (FTC) as well as internal audit committees will hold executives more accountable to ensure proper security around the private information gleaned from employees and customers in the coming year. The limelight cast on privacy issues resulting from the fallout of the Edward Snowden leaks has brought this conversation to the forefront, and Kroll asserts that new regulations will stem from the data security framework recently set up by the National Institute of Science and Technology (NIST).

“This trend will move the U.S. in the direction of the EU, where there is a greater recognition of privacy as a right,” said Alan Brill, senior managing director at Kroll, said in a statement. “As new laws evolve that reflect the NIST guidelines and look more like the EU privacy directive, some U.S. companies will find themselves ill-prepared to effectively respond to the regulations.”

Organizational leaders will need be aware of developments in the security space and be prepared to implement tools in their strategy to mitigate threats, Kroll says. Because of the increasing financial risk associated with the mitigation and remediation of data breaches, it’s imperative for those at the top levels of companies to know the risks of the space and tools at their disposal.

In addition to the increased risk of outside attack, the Kroll report also indicated the likelihood of data security risk from inside threats. The insider threat is insidious and complex. Thwarting it requires collaboration by general counsel, information security, and human resources. SEC breach disclosure of “material losses” may be the model for rules requiring a company to be more transparent and answerable for allowing bad actors to go unpunished,” said Tim Ryan, managing director and Cyber Investigations practice leader.


Cybersecurity is of increasing concerns to the general counsel, for more information on the threat check out these stories:

Experts voice adoption, privacy concerns over NIST cybersecurity framework

Multiple companies trying to mitigate Adobe data breach

Payment Card Industry issues new credit card security standards

Why collaborating on technology is important for in-house counsel