CLOC: Legal Operations need to assess vendors’ cybersecurity

published on Cybersecurity, General Counsel

Legal Operations need a standard way to assess the cyber-security of third party vendors, including law firms & technology providers, that according to CLOC. In a post-conference report by CLOC (Corporate Legal Operations Consortium), it was noted that legal operations’ knowledge of cyber-security is typically limited. They emphasised that when talking about corporate legal operations and cyber-security, it’s not only about data housed in the company itself, but also data that travels to third parties, such as external law firms.

How legal counsel can help identify data breach vulnerability and limit liability

published on Cybersecurity, Data Privacy, General Counsel, Legal Risk Management

As Legal Counsel, you are a key player in your company’s data protection processes. Whether you work alone or in collaboration with Compliance and Data Protection Officers, it is imperative you manage your company’s legal information to minimise legal risk created by cyber attacks and data breaches. Data breaches not only affect your company’s bottom line, but if regulators and shareholders find that you breached various fiduciary duties by not mitigating known data security risks, you may also be at risk of personal liability. Therefore, GCs need a clear understanding of what makes them vulnerable so they can mitigate their risks and avoid liability.

The growing role of the GC in preventing data breaches – being proactive, not reactive

published on Cybersecurity, Data Privacy, General Counsel, Legal Risk Management

Data security is a growing focus for companies and it is no longer just an IT issue. According to a Legal Week Intelligence report, nearly 50% of General Counsel say planning for cyber-security incidents and responding to breaches is now part of their job – a figure that is likely to go up as the role of the GC expands as risk manager and advisory to the board. In a previous post we covered how GCs are increasingly viewed as leaders in the C-suite – and with that comes added pressure to take on a more proactive leadership role.

What in-house lawyers need to know about data protection impact assessments (DPIA)

published on Compliance Management, Cybersecurity, Legal Risk Management

As the deadline for complying to GDPR looms, many in-house lawyers are asking “Do I need to conduct a DPIA?”. In this post we’ll explore the grounds for conducting a DPIA, what the requirements are and finally, what the legal department needs to do to ensure the legal GDPR requirements are met.

How ineffective legal information management is leaving you burdened (and putting the business at risk!)

published on Cloud technology, Cybersecurity, General Counsel, Legal Risk Management, Legal Technology

For legal departments large and small, effective document and information management is fundamental to their success. In-house lawyers need to be able to look up contract information, track your obligations, generate insights on risk and opportunities at the snap of a finger. Not to mention that legal department is in a unique position to set an example for the rest of the organization on best practices to ensure data protection compliance and security.