Below is an excerpt from an article that appears in Metropolitan Corporate Counsel's (MCC) April 2017 edition. "Asking Tough Questions to Prepare for a Breach" is a review piece on a webinar hosted by MCC and presented by iDS' Managing Director Julian Ackert and Drew Sorrell, a Partner at Lowndes, Drosdick, Doster, Kantor & Reed, P.A. The webinar, "Data Breach Response: Orchestrating Legal & Technical Resources to Contain & Mitigate," took place on March 9, 2017. A link to it can be found HERE.
In addition, a March lead-in article from Mr. Ackert, "5 Steps to Help Mitigate Insider Theft," can be found HERE.
When Ackert began talking about preventing breaches, he started with a question: “What does it mean to be a cybersecure organization?” To answer, he turned to a study published by the Ponemon Institute in October 2016. Companies that do this right, he said, treat security as a “forethought” rather than an “afterthought.” They protect data proactively with technology and processes. They assess and audit third-party risk, and they don’t overlook threats within the company.
How should a company get started? The first thing is to be sure you have the right mix of resources. You’re going to need technical, legal and executive expertise, Ackert said. The need for C-level involvement is obvious, he said, because you need “budget and priorities” established and pushed down from the organization’s leadership.
Download Keys to Today’s Information Governance Landscape