So often articles related to cybersecurity focus solely on assessment and preparedness against external forces (e.g., cybercriminals, hackers, ransomware, etc.), yet do not convey the full array of protections necessary to ensure complete cyberpreparedness for a business. By contrast, this article explores the less talked about, but equally important, intersection between cybersecurity and employment law to demonstrate why businesses must also be protected from internal forces. Only by realizing the importance and necessity of maintaining, reviewing, and constantly updating policies, procedures, protocols, and training will a business be able to face any cyber-related issue without delay and/or major institutional damage.
In a time when there is rarely a day that goes by when the subject of cybersecurity is not at the forefront of news stories, it is commonplace to hear horror stories of businesses where a disgruntled executive departs and exposes his or her former company to privacy attacks or the innocent actions of an employee, i.e., opening a suspicious email, compromises key proprietary data. In addition to the standard protections from external forces, to ensure continued success and safety, businesses must—without delay—learn how and why to assess their current cyber-preparedness, particularly against careless use of electronic mail, internet usage, electronic data and equipment, and rogue employees.
