Enterprises overlook legal issues in breach preparedness

Companies preparing for data breaches and cyber security incidents too often focus on the technology and overlook the legal aspects.

In a recent study by Hanover Research, for example, while about 54 percent of companies conducted a cyber threat audit — but only 33 percent involved their legal departments in the process.

“Companies are more likely to involve lawyers as a reactive measure, after an incident has occurred, rather than as a proactive measure,” researchers said in their report, which was based on a survey of corporate law departments conducted on behalf of Indiana University’s Maurer School of Law.

This is a problem, because IT or security staff typically focus on physical and electronic security, not necessarily the legal, compliance, or privacy issues of a data breach, said Scott Vernick, the head of the data protection and privacy practice at the law firm of Fox Rothschild LLP, in Philadelphia.

To read this article in full or to leave a comment, please click here

Read more: Enterprises overlook legal issues in breach preparedness

Story added 1. May 2015, content source with full text you can find at link above.