In a Q&A-style article, The Cybersecurity Law Report interviewed Manatt's Donna Wilson, co-chair of the firms' Privacy and Data Security practice, on how companies should be implementing holistic information governance as part of enterprise risk management. Companies should stress the importance to the board of directors, designating a corporate "conductor" to bring various stakeholders together and conducting an internal inventory to understand what information assets the company has and needs to protect.
When asked how companies are changing their approach to data security, Wilson said:
"Companies are evolving from a privacy security paradigm to an information governance paradigm. Over the years it has evolved in many ways, but probably has never evolved as quickly as it has in the last 24 months. Senior executives and in-house counsel are realizing that information is gold. And it's not just viewed narrowly as consumer information or credit card data used to be. Now companies are increasingly looking at the management and value of information more broadly and from a holistic perspective. They are asking the key questions: what information is coming in, what to do with it, and how it should be maintained. Companies are treating information in a way that they have not before - treating it much more like the valued corporate asset that it is.