October 20, 2018

October 19, 2018

Subscribe to Latest Legal News and Analysis

October 18, 2018

Subscribe to Latest Legal News and Analysis

October 17, 2018

Subscribe to Latest Legal News and Analysis

Privacy, Data Security, and Your Board: Day Three

In our ongoing conversation about privacy, data security and your board, we turn next to cyber insurance and vendor management. Boards, when executing their duty of care, should keep in mind that while there may be some coverage for data incidents under a company’s CGL and D&O policies, there may be significant gaps in coverage as well. Knowing what those gaps are is important. And just as it is important to have a broker with cyber experience, it is also important to seek assistance from cyber counsel during the application process to avoid overstatements or misstatements and to ensure the company is purchasing the appropriate cyber policy based on the company’s cyber risk levels. In addition to cyber insurance coverage, another third party issue that often comes up in the privacy and data security space is vendor management. Board oversight of vendor management has become the new normal. What should boards expect? What are practical aspects of effective vendor management?  Limiting vendor access to critical network segments, setting cybersecurity policies and standards for your vendors, ensuring your vendor contracts comprehensively address privacy and data security risks, incidents, liability, and insurance are all things boards should be increasingly focused on. 

For more information click here for day one, here for day two, here for day four and day five.

Putting it Into Practice: Companies should expect to hear from their boards about cyber insurance coverage and vendor management. Are you ready to answer their questions?

Copyright © 2018, Sheppard Mullin Richter & Hampton LLP.

TRENDING LEGAL ANALYSIS


About this Author

Kari Rollins Intellectual Property Lawyer Sheppard
Partner

Kari M. Rollins is a partner in the Intellectual Property Practice Group in the firm's New York office.

Areas of Practice

Ms. Rollins focuses her practice on privacy and complex commercial litigation matters. She has successfully represented clients in the financial services, audit and accounting, food services, retail, and fashion industries before state and federal courts, as well as in front of state attorneys general, federal regulators, and U.S. and international commercial arbitration forums....

212.634.3077
Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and external practitioners alike.”

She is known as an industry leader in the privacy and data security space and is consistently recognized by Leading Lawyers Network, Chambers and The Legal 500, and leading publications and organizations for her work in this area of law. Liisa was recently recognized as the 2017 Data Protection Lawyer of the Year - USA by Global 100, the 2017 U.S. Data Protection Lawyer of the Year by Finance Monthly, and the “Best in Data Security Law Services” at Corporate LiveWire’s 2017 Global Awards.

312-499-6335