But new data from Fox Rothschild indicates that a surprising number of corporate directors still aren’t trained to prevent such attacks. The new survey, released Wednesday, revealed that while 68 percent of respondents’ companies train employees on cybersecurity issues, and one-third train employees to prevent data breaches, only 14 percent train directors in these areas.
“Just because you have initials or a title following your name doesn’t mean you are less vulnerable,” said Elizabeth Litten, Fox Rothschild’s privacy and data security practice co-chair. “You might be more vulnerable to phishing attempts targeting large quantities of data. I think that’s a big mistake.”
Some 52 percent of respondents said executive and board awareness of cybersecurity issues was more important for company privacy than general employee awareness. But this sentiment didn’t seem to translate into actually keeping the board informed. Of the 53 survey respondents— CLOs, GCs and other in-house counsel at large companies— 27 percent never report to their directors on cybersecurity and data privacy.
“[Executives] should be asking the basic questions on a regular basis, to whoever is handling their IT issues, rather than just assuming, ‘Well I’ve delegated this downstream and I don’t have to worry about it,’” Litten said.
While more than half of executives reported their companies are at a high or very high risk for an attack and 75 percent have recently been impacted by phishing, 53 percent said they don’t have adequate cybersecurity and data privacy budgets to deal with a breach.
Two-thirds of the respondents spend less than 10 percent of their IT budgets on programs related to cybersecurity. That’s a figure that Mark McCreary, Fox Rothschild’s chief privacy officer and co-chair of its privacy and data security practice called the “bare minimum,” as the report notes the average cost of a data breach hovers near $6 million.
“Any company not dedicating at least 20 percent of their budget toward security on a baseline year, not an odd year, is making a mistake,” McCreary said. “It’s not ‘you buy something one year and you’re done.’ The tactics change, the ability to fight [breaches] changes.”
Caroline covers the intersection of tech and law for Corporate Counsel. She's based in San Francisco. Find her on Twitter @CarolineSpiezio.
"Nothing gets the hungry lawyer s juices flowing like a big new project, but the temptation to dive in and start lawyering must be resisted. Planning comes before execution. And it is incumbent on the lawyer, not the client, to initiate that planning."
In the coming months, there will be a great deal of information and regulatory and judicial action that will act as guidance, or more precisely, a checklist of what-not-to-do, for companies that suffer a data breach.
Brad Perry, Glenn O Brien and Scott Paster of Canon Discovery Services discuss industry trends, how firms and corporate counsel can thrive in the current environment, and the company s 30-year track record of solving lawyers challenges.
With this subscription you will receive unlimited access to high quality, online, on-demand premium content from well-respected faculty in the legal industry. This is perfect for attorneys licensed in multiple jurisdictions or for attorneys that have fulfilled their CLE requirement but need to access resourceful information for their practice areas.
Our Team Account subscription service are for legal teams of four or more attorneys. Each attorney is granted unlimited access to high quality, on-demand premium content from well-respected faculty in the legal industry along with administrative access to easily manage CLE for the entire team.
Gain access to some of the most knowledgeable and experienced attorneys with our 2 bundle options! Our Compliance bundles are curated by CLE Counselors and include current legal topics and challenges within the industry. Our second option allows you to build your bundle and strategically select the content that pertains to your needs. Both option are priced the same.
Dynamically explore and compare data on law firms, companies, individual lawyers, and industry trends.
Exclusive Depth and Reach.
Legal Compass includes access to our exclusive industry reports, combining the unmatched expertise of our analyst team with ALM’s deep bench of proprietary information to provide insights that can’t be found anywhere else.
Big Pictures and Fine Details
Legal Compass delivers you the full scope of information, from the rankings of the Am Law 200 and NLJ 500 to intricate details and comparisons of firms’ financials, staffing, clients, news and events.
As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters.
Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss.
Tailored just for you. In your inbox. Every day.