Search Team

Search by Last Name
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business

April 19, 2017

Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business

April 19, 2017

Back to Q&A Listing

 

Gus Coldebella (Principal) and Donna Balaguer (Principal) were recently interviewed by Metropolitan Corporate Counsel in the April 2017 article, “Why Cybersecurity Is Your Board’s Business.” In the interview, Coldebella & Balaguer discuss:

  • Potential cybersecurity policy by the Trump administration
  • Why cybersecurity is a boardroom issue
  • How to mitigate the risk of a cyberattack
  • Which business sectors are most vulnerable to cyberattacks
  • Who can sue after a cyber breach

MCC: You have interesting and different backgrounds. How do you work together to help clients protect themselves from cyberattacks?

Coldebella: When I was at DHS, part of my job was helping to lead the legal efforts to improve security of the federal government’s computer networks, and to promote robust cyber information sharing between the government and the private sector. In private practice, I do the same for companies, both public and private, that either have experienced apparent cyber incidents or are planning for the inevitable attack. We help clients focus on what should happen before an attack occurs – or, as we like to say, “left of boom.” Instituting good corporate governance practices and preparation – not only knowing the enemies and what they might be after, but understanding in advance the regulatory and law enforcement regimes that apply to your company and industry – can help mitigate a disaster.

Balaguer: I help clients take advantage of the incredible business opportunities created and facilitated by technology, while mitigating the risks of cyber attacks and data breaches. I served as in-house counsel in the technology sector and understand the pressures of managing the ever-changing landscape of cybersecurity regulations and best practices while at the same time responding to business needs. Everything is focused on understanding our clients’ businesses so that we can evaluate specific risks and opportunities. We then create a comprehensive plan that not only helps the client protect itself in advance, but tells them what to do if an attack occurs.

MCC: What steps should companies and their boards do right now to mitigate the risk of a cyberattack?

Coldebella: We urge clients to step back and think about cybersecurity in a strategic way. What are the assets that we have that are valuable? How are we protecting them? How quickly will we know if they’re accessed, stolen, deleted or altered? Companies should use a risk-based approach in this analysis: What is most valuable? What is most likely to be targeted? What information assets would be devastating to the company or its customers if unlawfully manipulated? Once management answers those questions, the board should monitor and oversee the company’s cyber work with questions like these: Do we have the right policies, procedures and personnel to make sure that our assets are secured? If an attack were to happen, would the company be resilient – including through implementation of an incidentresponse plan that has been regularly exercised in mock attacks? Now that the Securities and Exchange Commission has issued guidance suggesting that companies disclose cybersecurity-related risks in their public filings, CEOs, CFOs, general counsel and boards of directors need to focus on whether the company has engaged in a robust process to understand and disclose its cyber risks. This is not a “one and done” board function; since the threat is dynamic, as are the company’s systems and information, the analysis and oversight should be ongoing.

Attorney Bio

Headshot
Gus P. Coldebella | Principal

Gus P. Coldebella, a member of the National Law Journal’s inaugural class of “Cybersecurity Trailblazers” in 2015, is a principal in the Commercial Litigation Group in Fish’s Boston and Washington, D.C. offices. His practice involves helping companies deal with all aspects of...

Filter by
News
April 20, 2017
Fish's Gus Coldebella and Donna Balaguer Interviewed in Metropolitan Corporate Counsel Article, "Why Cybersecurity Is Your Board’s Business"
Articles
Fish Litigation Blog
March 2, 2017
Tough New Cybersecurity Regulations from the New York Department of Financial Services Go Live
Tough New Cybersecurity Regulations from the New York Department of Financial Services Go Live
Authors: Claire Collins, Gus P. Coldebella, Caroline K. Simons
IP Litigation
White Collar
Fish Litigation Blog
February 3, 2017
What Will Happen to the Joint Strategic Plan on Intellectual Property Enforcement?
What Will Happen to the Joint Strategic Plan on Intellectual Property Enforcement?
Authors: Gus P. Coldebella, Caroline K. Simons
IP Litigation
Event
April 25th, 2018 | 11:30 am EDT
HB Litigation Conferences Cyber Sector Risk: Critical Infrastructure
HB Litigation Conferences Cyber Sector Risk: Critical Infrastructure
Speaking Engagement
Q&A
April 19, 2017
Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business
Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business
Authors: Gus P. Coldebella, Donna A. Balaguer, CIPP/US
Cybersecurity
Commercial Litigation
Litigation
Trends
News
January 11, 2016
Fish & Richardson Principal Gus P. Coldebella Named “Cybersecurity & Data Privacy Trailblazer” by The National Law Journal
Press Release
Fish Litigation Blog
November 20, 2015
Yet Another Revision of the Justice Department's Requirements for Corporations to Obtain Cooperation Credit in Criminal Investigations
Yet Another Revision of the Justice Department's Requirements for Corporations to Obtain Cooperation Credit in Criminal Investigations
Authors: Gus P. Coldebella, Caroline K. Simons, Thomas C. Frongillo
Commercial Litigation
White Collar
Q&A
November 17, 2015
Q&A with Gus Coldebella: Trends in Cybersecurity
Q&A with Gus Coldebella
Author: Gus P. Coldebella
Cybersecurity
Commercial Litigation
Litigation
Trends
Q&A
November 16, 2015
Q&A with Gus Coldebella: the Importance of Cybersecurity
Q&A with Gus Coldebella
Author: Gus P. Coldebella
Cybersecurity
Commercial Litigation
Trends
Fish Litigation Blog
October 6, 2015
High Court Declines Certiorari Petition in U.S. v. Newman
High Court Declines Certiorari Petition in <i>U.S. v. Newman</i>
Authors: Gus P. Coldebella, Caroline K. Simons, Thomas C. Frongillo
White Collar
Fish Litigation Blog
September 30, 2015
Using Smart Internal Controls to Prevent Wire Transfer Cyber Fraud
Using Smart Internal Controls to Prevent Wire Transfer Cyber Fraud
Author: Gus P. Coldebella
Fish Litigation Blog
August 12, 2015
Three Cybersecurity Lessons from The Newswires Hacking Scam
Three Cybersecurity Lessons from The Newswires Hacking Scam
Author: Gus P. Coldebella
IP Litigation
White Collar
Cybersecurity
load more topics