Taking Control of Cybersecurity: A Practical Guide for Officers and Directors

11 March 2015 White Paper Publication
Author(s): Chanley T. Howell James R. Kalyvas Michael R. Overly

White Paper

To help these decision makers get their arms around cybersecurity issues, Foley Partners Chanley T. Howell, Michael R. Overly, and James R. Kalyvas have published a comprehensive white paper entitled: Taking Control of Cybersecurity — A Practical Guide for Officers and Directors.

The white paper describes very practical steps that officers and directors should ensure are in place or will be in place in their organizations to prevent or respond to data security attacks, and to mitigate the resulting legal and reputational risks from a cyber-attack. The authors provide a blueprint for managing information security and complying with the evolving standard of care. Checklists for each key element of cybersecurity compliance and a successful risk management program are included.

Excerpt From Taking Control of Cybersecurity: A Practical Guide for Officers and Directors

Sony, Target, Westinghouse, Home Depot, U.S. Steel, Neiman Marcus, and the National Security Agency (NSA). The security breaches suffered by these and many other organizations, including most recently the consolidated attacks on banks around the world, combined with an 80 percent increase in attacks in just the last 12 months, have catapulted cybersecurity to the top of the list of priorities and responsibilities for senior executives and board members.

The devastating effects that a security breach can have on an enterprise, coupled with the bright global spotlight on the issue, have forever removed responsibility for data security from the sole province of the IT department and CIO. While most in leadership positions today recognize the elevated importance of data security risks in their organization, few understand what action should be taken to address these risks. This white paper explains and demystifies cybersecurity for senior management and directors by identifying the steps enterprises must take to address, mitigate, and respond to the risks associated with data security.

Officers and Directors are Under a Legal Obligation to Involve Themselves in Information Security

The corporate laws of every state impose fiduciary obligations on all officers and directors. Courts will not second-guess decisions by officers and directors made in good faith with reasonable care and inquiry. To fulfill that obligation, officers and directors must assume an active role in establishing correct governance, management, and culture for addressing security in their organizations.

Download This White Paper

Insights

What’s Next for Blockchain and Crypto?
01 December 2022
Innovative Technology Insights
Case Law Update: Disputes Relating to Supply Chain Disruptions Hit the Courts
01 December 2022
Manufacturing Industry Advisor
Foley Partner André Thiollier Moderates Global Venture Market Session at BayBrazil Conference
01 December 2022
Foley Ignite
Podcast Episode 96: Eric Williams, Associate
01 December 2022
Foley Career Perspectives
What You Should Know About Payor/Provider Convergence
25-26 January 2023
Los Angeles, CA
ATA EDGE2022 Policy Conference | American Telemedicine Association
7-9 December 2022
Washington, D.C.
CLE Weeks
5-16 December 2022
Milwaukee, WI
Foley Sponsors Ernst & Young Entrepreneur of the Year® Program
1 December 2021 - 30 November 2022
Michigan and Northwest Ohio Region