Developing Comprehensive and Flexible Cybersecurity Procedures and Contingency Plans in the Face of Increasing Risks and Uncertainties

Drinker Biddle partner Ken Dort and associate Jeremiah Posedel presented “Developing Comprehensive and Flexible Cybersecurity Procedures and Contingency Plans in the Face of Increasing Risks and Uncertainties.” This program covered key areas of cybersecurity policy preparation and implementation, using the recommendations of the California Attorney General’s recent report as to those areas of primary focus.

Key topics included:

• Audits of IT systems – identifying types of data, data subjects (i.e., employees, customers, clients, etc.), data flows, third-party access points, vendor access rights
• Identifying existing policies/protocols to protect/handle critical data – employee data, customer data, client data, R & D, marketing, trade secrets – and any gaps requiring remediation
• Back-up/co-location capabilities
• Data incident response contingency plans
• Data handling/protection functions – organization chart assessments
• Employee training on data handling/protection
• Risk assessment and threat identification practices
• External-facing policies – customer notices and privacy policies/terms of use
• Preparing a data breach response contingency plan
• Recent EU-US Privacy Shield developments