As the headlines make clear, whether you are an established brick-and-mortar business or a digital media/tech start-up, you are facing an onslaught of potential cyber threats coming from many different directions, placing customer and employee information, intellectual property and trade secrets, and other proprietary information at risk of theft and disclosure. These risks also can place your company in the crosshairs of regulatory enforcement and litigation, not to mention damage your reputation, brand, and customer/business relationships.
The key to managing and mitigating these risks is preparation and planning, and viewing well-considered information governance as an imperative throughout your organization and product and service development.
Indeed, Boards of Directors, shareholders, VCs, and regulators are asking tough questions that all levels of management—CEO, GC, CFO, CIO, CISO, CPO, and Risk Manager—need to be prepared to answer:
- Is our company at risk of a cyber incident?
- What types of threats should we be concerned with?
- Should we explore cyber insurance and, if so, how much coverage do we need?
- Can we protect ourselves through other means of contractual indemnification with business partners and vendors?
- Is our company taking adequate steps to avoid an attack and protect the company and sensitive information?
Rebecca Perry, Director of Professional Services, Jordan Lawrence
Liz Wittenberg, Cyber Vendor Services Leader, AIG