TRENDING:

Cybersecurity: What Boards Must Know

Attorney Kim Peretti on How to Keep Directors Risk-Aware Tom Field (SecurityEditor) • August 20, 2014     15 Minutes   
Cybersecurity: What Boards Must Know
Kim Peretti, Alston & Bird LLP

As the Target breach demonstrated, boards of directors will be held accountable when their organizations are breached. Attorney Kim Peretti offers tips on how to educate boards about security issues.

Peretti, a partner with the Washington, DC-based law firm of Alston & Bird LLP, just wrote a new advisory, Cybersecurity: What Directors Need to Know in an Era of Increased Scrutiny. In this alert, she discusses why board members must educate themselves on cyber-related risks. She also talks about directors' responsibilities before and after a data breach.

"[Boards] have an awareness of the threat out there," Peretti says. "But what they're struggling with - what they don't know - is what is the risk that the [threat] has to any particular organization, how do you mitigate that risk, and how do you respond to it?"

In an interview about educating boards of directors, Peretti discusses:

  • What directors don't know about security;
  • Pre- and post-breach responsibilities of boards;
  • How to educate the board - and when.

Peretti is a partner in the Alston & Bird, LLP law firm's white collar crime group and co-chair of its security incident management and response team. She is also a former director of PricewaterhouseCoopers' cyberforensic service practice and a former senior litigator for the Department of Justice's Computer Crime and Intellectual Property Section. While at the Department of Justice, Peretti led several benchmark cybercrime investigations and prosecutions, including the prosecution of the TJX hacker Albert Gonzalez, currently serving 20 years in prison for his role in the largest hacking and identity theft case ever prosecuted by the department.

Previous
Michael Daniel's Path to the White House
Next
Apple iOS 8: What's New for Security?



Around the Network

Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.