Use this button to switch between dark and light mode.

How In-House Counsel Can Defend Against Cybersecurity Threats

December 09, 2022

Corporate executives must deal with a long list of risks to their organizations, but there is one specific threat that tops them all: Cybersecurity. Cyber threats are the top overall concern for business decision makers, according to the 2022 Travelers Risk Index, with 59% of executives surveyed saying they worry some or a great deal about cybersecurity attacks, and 57% saying that future cyber attacks on their organizations are inevitable.

The costs of cybersecurity incidents are significant and increasing by the year. For example, according to research from Unit42, the average business downtime caused by a ransomware attack is now 23 days, and the cost of downtime is estimated at 50 times the initial ransom demand. Moreover, a recent survey by Trellix found that 84% of businesses across 15 countries estimate their organizations lost up to 10% of revenue from cybersecurity breaches over the past year.

In-house counsel play a critical role in helping their organizations mitigate the serious financial, legal and reputational harm that is posed by cybersecurity threats. This includes developing a comprehensive incident response plan, staying vigilant about applicable data security laws and compliance standards, and carefully evaluating the potential cybersecurity risks posed by third-party vendors.

“LexisNexis has created a wide range of resources to help in-house counsel better understand the crucial role they play in protecting their organizations against cyberthreats and the tools to help them develop their cybersecurity strategies,” said Barbara Reece, content manager for data security and privacy on the Lexis Practical Guidance team. “This includes Modern Approaches to Cybersecurity, a 10-part series of practice videos that walks legal professionals through the ingredients of a modern information security program and provides practical information for how to navigate your unique risk and compliance requirements related to cybersecurity.”

The changing landscape of data breach litigation poses serious risks to both organizations and their corporate executives as individuals. Ms. Reece notes that Lexis Practical Guidance offers a wide range of tools to help in-house counsel develop comprehensive cybersecurity and mitigation plans, including specific data breach notification laws for all 50 states and industry-specific compliance requirements at both the federal and state levels.

For example, a Data Breach Avoidance and Response Plan Checklist from Lexis Practical Guidance offers step-by-step recommendations for creating a data breach avoidance plan, as well as how to develop a data breach response plan that thoroughly details how an organization will respond to a cyber incident and the requisite timelines involved.

In addition, Lexis+ Practical Guidance has created state-specific and industry-specific resources to help in-house counsel navigate the patchwork of consumer privacy and data breach notification laws that vary from state to state. This includes a Data Breach Notification State Law Survey that provides a quick, at-a-glance view of key requirements contained in state data breach notification laws.

Lexis+ General Counsel Suite is an all-in-one information resource designed for the modern GC that provides in-house counsel with a vast collection of legal resources, breaking business and legal news, and practical guidance content. Click here to read more about how you can use Lexis+ General Counsel Suite to craft a cyber resilience plan that can help your organization defend against attacks and receive a free 7-day trial.