44 | How to prevail when technology fails
Fig 21 Legal teams are seldom involved in developing cyber incident-response plans
Q. Which of the following teams are involved in the creation of your company's cyber incident-response plan?
IT: 80%
Compliance: 63%
Legal (excluding compliance): 31%
The C-suite: 14%
Creating a comprehensive cyber plan requires
multiple parts of your business to collaborate, and
silos between management, technology teams, legal
teams, and privacy specialists to be broken down.
Our survey results show that there is a collaboration
gap: legal teams are involved in creating
cybersecurity incident response plans at just 31% of
our surveyed businesses.
In our experience, if legal teams do not contribute to
the cybersecurity incident response plan, or worse,
if there is no plan in the first place, there is an
increased risk that vital actions which could better
position the company for a potential investigation
or litigation will not be taken in the immediate
aftermath of a data breach.
For example, when a major breach happens, key
regulators will almost certainly need to be notified
within the applicable deadlines, and, where possible,
legal privilege over the investigation should be
preserved. That means legal teams need to be involved
in the response from the start. You may also want the
legal team to review communications to customers
and the media before they are sent. Taking these
actions swiftly and effectively puts you in a much
better position if there is a subsequent regulatory
investigation or litigation.
“We haven’t had a major cyber event, but if one
occurs, the cat is out of the bag and you’re inevitably
going to have a lot of litigation risk at that point,”
says the Head of Litigation at a public company.
“But by simply having lawyers and litigators looped
in immediately you can to an extent mitigate that
risk in real time. You may for example be able to
keep things under privilege to some extent and will
know when to contact the appropriate regulator.
Just having our head of privacy, general counsel and
myself in the loop right away on a major incident is
the best solution to allow us to identify issues.”
“The legal team has focused on training and raising awareness across
the business about cybersecurity risks. We have also established certain
protocols about how to respond as soon as we learn of a breach. This
goes beyond what we are required to do from a legal perspective to
address what we should do from an ethical perspective.”
Matthew Owens | Global Head of Legal, Digital, Novartis