- If You Don’t Know Where You’re Going You’ll End Up Someplace ElsePosted 6 hours ago
- Vegans Not Deceived By Impossible Burger, Judge RulesPosted 6 hours ago
- Who Decides Arbitrability?Posted 1 day ago
- Island-Hopping Attacks Are A Rising ThreatPosted 1 day ago
- Law Prof: “Postponed” Election Would Likely Make Biden PresidentPosted 2 days ago
- ISO 20022 Is a Compliance Game-ChangerPosted 2 days ago
GC Should Lead Security Management and Risk
Executive Summary of an article written by
Thomas Yohannan, Aon Cyber Solutions; Paul Lanois, Fieldfisher; and Brett Williams
General Counsel are leaders in enterprise risk management and should therefore have a central role in the company’s information security methodology. The GC is broadly aware of an organization’s risks and objectives, maintains a good understanding of its clients and its internal stakeholders, has a normative legal framework and a sense of how to provide risk mitigation.
A Chief Information Security Officer’s value may only be fully realized when a cyber incident occurs. The CISO can become a crucial driver of not only digital transformation but also risk management, as effective information security practices are vital both in preventing a successful incident and responding to one. Legal professionals understand risk management, and its related urgency. Not being aware of statutory requirements can prove costly to the companies, not to mention the harm to reputation that may follow. Again, a clear argument for promoting the GC/CISO alignment.
Successfully meeting risk mitigation obligations is a cooperative effort. A partnership must exist across the enterprise between the GC, IT, and security organizations to establish the proper controls and enlist executives to meet these obligations.
Given the continually changing skills required in each of those domain areas, the GC is in a position to lead this collaborative effort. Reporting to the GC may provide the foundation for what CISOs should be focusing on next: moving beyond the security silo to play a central role in overall business leadership.Read the full article at:
Today's General Counsel