Why IT can’t handle data breaches alone

The entire C-suite and board is on the hot seat for security these days -- and that makes data breaches everyone's business

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

In his keynote address at the CIO Perspectives event in Dallas last month, attorney Matthew Karlyn discussed what CIOs and other business leaders need to know about the laws surrounding data breaches and preparing for the worst before a breach happens.

Matthew Karlyn Foley & Lardner LLP

Matthew Karlyn, Partner, Technology Transactions & Outsourcing Practice, Foley & Lardner LLP

Karlyn also addressed some of the myths surrounding security, including the suggestion that companies should “just let the IT department handle it.”

“Does human resources have a role to play in information security? Of course they do - they’re storing the most sensitive data on all of your employees," said Karlyn. "Does finance have a role to play in information security? Of course they do - they’re funding the IT infrastructure. If they don’t understand what they’re funding, they’re going to say no… Does legal have a role to play in information security? Of course they do. No, it’s not just an IT department issue.”

Karlyn also guided the audience in how security needs to be thought of when dealing with third-party vendors, hacktivists, confidentiality agreements (and what they really mean), contractors, employees (making sure they don’t fall for phishing emails), and even a company’s own legal department.

Register now to listen to the full audio of Karlyn's address and hear more expert legal analysis and practical advice on how to keep the C-suite out of the hot seat.

To continue reading this article register now

Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.