CIO Perspectives

Why IT can’t handle data breaches alone

"The entire C-suite and board is on the hot seat for security these days," says Matthew Karlyn. And that makes data breaches everyone's business.

In his keynote address at the CIO Perspectives event in Dallas last month, attorney Matthew Karlyn discussed what CIOs and other business leaders need to know about the laws surrounding data breaches and preparing for the worst before a breach happens.

Matthew Karlyn Foley & Lardner LLP

Matthew Karlyn, Partner, Technology Transactions & Outsourcing Practice, Foley & Lardner LLP

Karlyn also addressed some of the myths surrounding security, including the suggestion that companies should “just let the IT department handle it.”

“Does human resources have a role to play in information security? Of course they do - they’re storing the most sensitive data on all of your employees," said Karlyn. "Does finance have a role to play in information security? Of course they do - they’re funding the IT infrastructure. If they don’t understand what they’re funding, they’re going to say no… Does legal have a role to play in information security? Of course they do. No, it’s not just an IT department issue.”

Karlyn also guided the audience in how security needs to be thought of when dealing with third-party vendors, hacktivists, confidentiality agreements (and what they really mean), contractors, employees (making sure they don’t fall for phishing emails), and even a company’s own legal department.

Register now to listen to the full audio of Karlyn's address and hear more expert legal analysis and practical advice on how to keep the C-suite out of the hot seat.

To continue reading this article register now

Join the discussion
Be the first to comment on this article. Our Commenting Policies