A new world of discussion relating to digital information has emerged among legal commentators: cybersecurity. The legal news is replete with stories chronicling allegations of hackers from China, cyber-sabotage aimed at Iran’s nuclear program, spyware installed on rental computers, continuing attacks on U.S. banks and large commercial institutions, and the President’s executive order on enhanced cybersecurity services program.
The world of cybersecurity has surpassed the exclusive purview of information technology and security departments, and is on the radar screens of legal departments to assist in assessing and managing the risks of information security breaches. This is part one of a three-part series on cybersecurity for legal.
How are information security departments addressing these threats (and why are they not enough)?
A second basic question is: What is the current state-of-the-art for information security, and what is missing? Most organizations have a series of layered security defenses.
Today’s Big Challenge: Conducting “Triage” on the Storm of Alerts
Today’s incident response challenge has three strands: