Ignorance Not Bliss: Cyber Risk Management Found Lacking


Despite increasing cyber attacks, significant losses from operational downtime, and further governmental regulation, companies are still not taking measures for basic responsibilities for cyber governance, or even securing available insurance. A recent Carnegie Mellon CyLab 2012 Report provides the following recommendations:

Businesses should: 1) Establish policies to protect from attack, data breach, and data misuse, 2) Identify responsibilities and assign roles to management, 3) Verify qualified persons are retained to monitor privacy and security, 4) Establish periodic reviews of internal and external risks, and regulatory compliance, 5) Establish policies to respond to an attack or breach, 6) Provide adequate budgeting to allow sufficient response to risks, 7) Conduct annual audits of to determine the effectiveness of controls, and 8) Evaluate the adequacy of insurance coverage.

LOADING PDF: If there are any problems, click here to download the file.

Topics:  Cyber Attacks, Cybersecurity, Data Protection

Published In: Business Organization Updates, Business Torts Updates, General Business Updates, Government Contracting Updates, Commercial Real Estate Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robert Freedman - Partner at Tharpe & Howell, LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »