- Economic Espionage Charges Dropped Against Tech EmployeesPosted 22 hours ago
- Win For Amazon In Giant Defense Contract DisputePosted 22 hours ago
- Dershowitz And Boies Trade Defamation SuitsPosted 2 days ago
- Scattershot Regulation Of BiometricsPosted 2 days ago
- Maybe You’re In the Wrong BusinessPosted 3 days ago
- PG&E Faces Takeover Despite Court Approved BankruptcyPosted 3 days ago
Cybersecurity and Trade Secret Protection
Executive Summary of an article written by
Peter Lando and Dmitry Milikovsky, Lando & Anastasi, LLP
Cybersecurity is a major concern for multiple functions of a company, as well as for compliance with regulatory requirements. IT groups take the lead in crafting and detailing security policies, but involvement by the legal team is helpful for a common understanding of legal requirements for maintaining proprietary information and trade secret protection, and for the legal team to understand the strengths and limitations of the tools available. It also allows the groups to be able to communicate in a shared language and establish cybersecurity procedures that help to effectively protect commercial advantages.
The NIST Cybersecurity Framework is a suggested approach to create a cybersecurity process, while ISO 27001 — of the ISO 27000 series of standards — is used by independent auditors to certify that an entity has met a requisite level of protecting sensitive company information through physical, environmental, and human resource security and access control. These are both commonly used approaches for creating and implementing best practices for cybersecurity risk management processes.
The information security management processes of the NIST Framework and the ISO 27000 series standards are widespread and leading best practices for cybersecurity, and can be used to create and document measures taken to protect trade secrets and proprietary information. Understanding the NIST Framework and information security guidelines are useful tools that can help counsel to participate in and influence activities and discussions with the teams that develop, manage and implement cybersecurity processes.Read the full article at:
Today's General Counsel