According to Grant Thornton’s 2017 Corporate General Counsel Survey of businesses around the world, 72% of legal departments placed cyber threats at the top of their risk list, citing concerns regarding privacy and data protection in particular. These breaches indicate that businesses and their legal teams have to do more to secure their digital assets and recognise the high cost of failing to do so.
Compliance and Reputational Risks
For the assessment, control and mitigation of legal and regulatory risks, in-house lawyers have a critical line of defence. However, the job has become tougher as digital technology permeates companies and hackers to explore new ways to attack.
There are highly motivated people out there ranging in sophistication from hacktivists to nation state attackers. The risk of cyber breaches extends to wider reputational harm and loss of trust, beyond the loss of business secrets and records. The second that people lose your trust, your ability to partner and collaborate is undermined. When technology becomes more essential to businesses, their compliance departments need to strike a balance between helping the company keep up with competitors in digital apps and minimising the possibility of a breach.
Enhanced training around in-house data
A variety of steps to improve cyber protection are usually enforced by corporate lawyers. In the Grant Thornton survey, 62% said they were adding data protection policies or growing current ones. Nearly 60% said they were implementing monitoring programmes and more than half said they were implementing plans for training and incident response. These can range from technical defences to online learning programmes and human resources, with a clear responsibility for information security assigned to a person in every team.
Although in-house lawyers recognise that technology often carries vulnerabilities with it and the growing threat is alive, the Grant Thornton survey found that 58% of legal departments were closely involved in reacting to the risks of enterprise-wide data protection, with nearly a quarter solely responsible for handling these risks.
Implement different measures to improve data privacy
A variety of steps to improve cyber protection are usually enforced by corporate lawyers. Most of them said they were adding data protection policies or growing current ones (72% and 62% respectively).
It is suggested that a mixture of measures are needed. These range from technical defences to online education and human resources, with a clear responsibility for information security assigned to a person in every team. The best defence is to have a culture that is advanced enough inside the company to identify a threat when it is there and is vigilant in reporting and transmitting information.
Whilst it is crucial to guarantee that security standards are adhered to within the company’s own activities, it is also important to ensure that partners and external companies that business works with understand and buy into their security culture. This is key, especially when large volumes of its sensitive commercial data are handled by external partners.
Technology is integral
Legal Tech is growing in importance for law firms, but in house legal teams shouldn’t be left behind. There is as much of a need for legal tech tools for in-house lawyers as there is for law firms.
Legal teams must strike a balance between helping the business keep up with rivals in digital applications to limit the risk of a breach, as well as implementing a culture that’s sophisticated enough to recognise a threat when it’s arrived and is diligent in reporting information on it. To prevent attacks on the data your company holds, all employees and external clients should use a secure communications platform such as SaltDNA to prevent attacks from accessing your sensitive and confidential data or information that is being exchanged through messaging or calls with your colleagues, partners or clients.
For more information in relation to the content of this article, or to find out more about SaltDNA, sign up for a 30 day free trial contact us today on email@example.com or by visiting saltdna.com/contact.
SaltDNA is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. SaltDNA offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. SaltDNA is headquartered in Belfast, N. Ireland, for more information visit SaltDNA.