Search Team

Search by Last Name
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Q&A with Donna Balaguer: Why Cybersecurity Is Your Board’s Business

April 19, 2017

Q&A with Donna Balaguer: Why Cybersecurity Is Your Board’s Business

April 19, 2017

Back to Q&A Listing

 

Gus Coldebella (Former Fish Principal) and Donna Balaguer (Principal) were recently interviewed by Metropolitan Corporate Counsel in the April 2017 article, “Why Cybersecurity Is Your Board’s Business.” In the interview, Coldebella & Balaguer discuss:

  • Potential cybersecurity policy by the Trump administration
  • Why cybersecurity is a boardroom issue
  • How to mitigate the risk of a cyberattack
  • Which business sectors are most vulnerable to cyberattacks
  • Who can sue after a cyber breach

MCC: You have interesting and different backgrounds. How do you work together to help clients protect themselves from cyberattacks?

Coldebella: When I was at DHS, part of my job was helping to lead the legal efforts to improve security of the federal government’s computer networks, and to promote robust cyber information sharing between the government and the private sector. In private practice, I do the same for companies, both public and private, that either have experienced apparent cyber incidents or are planning for the inevitable attack. We help clients focus on what should happen before an attack occurs – or, as we like to say, “left of boom.” Instituting good corporate governance practices and preparation – not only knowing the enemies and what they might be after, but understanding in advance the regulatory and law enforcement regimes that apply to your company and industry – can help mitigate a disaster.

Balaguer: I help clients take advantage of the incredible business opportunities created and facilitated by technology, while mitigating the risks of cyber attacks and data breaches. I served as in-house counsel in the technology sector and understand the pressures of managing the ever-changing landscape of cybersecurity regulations and best practices while at the same time responding to business needs. Everything is focused on understanding our clients’ businesses so that we can evaluate specific risks and opportunities. We then create a comprehensive plan that not only helps the client protect itself in advance, but tells them what to do if an attack occurs.

MCC: What steps should companies and their boards do right now to mitigate the risk of a cyberattack?

Coldebella: We urge clients to step back and think about cybersecurity in a strategic way. What are the assets that we have that are valuable? How are we protecting them? How quickly will we know if they’re accessed, stolen, deleted or altered? Companies should use a risk-based approach in this analysis: What is most valuable? What is most likely to be targeted? What information assets would be devastating to the company or its customers if unlawfully manipulated? Once management answers those questions, the board should monitor and oversee the company’s cyber work with questions like these: Do we have the right policies, procedures and personnel to make sure that our assets are secured? If an attack were to happen, would the company be resilient – including through implementation of an incidentresponse plan that has been regularly exercised in mock attacks? Now that the Securities and Exchange Commission has issued guidance suggesting that companies disclose cybersecurity-related risks in their public filings, CEOs, CFOs, general counsel and boards of directors need to focus on whether the company has engaged in a robust process to understand and disclose its cyber risks. This is not a “one and done” board function; since the threat is dynamic, as are the company’s systems and information, the analysis and oversight should be ongoing.

Attorney Bio

Headshot
Donna A. Balaguer, CIPP/US | Principal

Donna Balaguer is a Principal in the Washington, DC, office of Fish & Richardson.  Ms. Balaguer previously served as an executive and in-house counsel to both entrepreneurial and major corporations. She relies on that insider perspective to provide clients with practical and...

Filter by
News
October 18, 2016
Fish & Richardson Principal Donna Balaguer Named “Cybersecurity & Data Privacy Trailblazer” by The National Law Journal
Press Release
News
June 6, 2016
5 Steps to Better Prepare for a Cyberbreach
Articles
Event
February 19th, 2018 | 8:00 am CST
NEBSA 2018 Conference
NEBSA 2018 Conference
Speaking Engagement
Sponsorship
News
August 22, 2017
Fish & Richardson Announces Four Principals Named 2017 “Women Worth Watching” by Profiles in Diversity Journal
Press Release
News
April 20, 2017
Fish's Donna Balaguer Interviewed in Metropolitan Corporate Counsel Article, "Why Cybersecurity Is Your Board’s Business"
Articles
Q&A
April 19, 2017
Q&A with Donna Balaguer: Why Cybersecurity Is Your Board’s Business
Q&A with Donna Balaguer: Why Cybersecurity Is Your Board’s Business
Author: Donna A. Balaguer, CIPP/US
Cybersecurity
Commercial Litigation
Litigation
Trends
Event
February 20th, 2017 | 8:45 am PST
NEBSA 2017 Annual Meeting & Convention
NEBSA 2017 Annual Meeting & Convention
Sponsorship
News
October 19, 2016
Fish's Donna Balaguer Mentioned in Forbes Article "Cybersecurity And Social Media: Corporate Training Best Practices"
Media Mention
Event
September 27th, 2016 | 8:00 am EDT
cyberSecure
cyberSecure
Sponsorship
Event
February 5th, 2015 | 12:00 pm EST
Data Privacy: A Webinar Designed to Help Your Nonprofit Understand What It Needs to Know
Event
February 19th, 2012
NEBSA 2012 Annual Meeting
Event
March 1st, 2011
Education in the Wireless Age- NEBSA's 2011 Annual Meeting
Speaking Engagement
load more topics