Search Team

Search by Last Name
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business

April 19, 2017

Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business

April 19, 2017

Back to Q&A Listing

 

Gus Coldebella (Principal) and Donna Balaguer (Principal) were recently interviewed by Metropolitan Corporate Counsel in the April 2017 article, “Why Cybersecurity Is Your Board’s Business.” In the interview, Coldebella & Balaguer discuss:

  • Potential cybersecurity policy by the Trump administration
  • Why cybersecurity is a boardroom issue
  • How to mitigate the risk of a cyberattack
  • Which business sectors are most vulnerable to cyberattacks
  • Who can sue after a cyber breach

MCC: You have interesting and different backgrounds. How do you work together to help clients protect themselves from cyberattacks?

Coldebella: When I was at DHS, part of my job was helping to lead the legal efforts to improve security of the federal government’s computer networks, and to promote robust cyber information sharing between the government and the private sector. In private practice, I do the same for companies, both public and private, that either have experienced apparent cyber incidents or are planning for the inevitable attack. We help clients focus on what should happen before an attack occurs – or, as we like to say, “left of boom.” Instituting good corporate governance practices and preparation – not only knowing the enemies and what they might be after, but understanding in advance the regulatory and law enforcement regimes that apply to your company and industry – can help mitigate a disaster.

Balaguer: I help clients take advantage of the incredible business opportunities created and facilitated by technology, while mitigating the risks of cyber attacks and data breaches. I served as in-house counsel in the technology sector and understand the pressures of managing the ever-changing landscape of cybersecurity regulations and best practices while at the same time responding to business needs. Everything is focused on understanding our clients’ businesses so that we can evaluate specific risks and opportunities. We then create a comprehensive plan that not only helps the client protect itself in advance, but tells them what to do if an attack occurs.

MCC: What steps should companies and their boards do right now to mitigate the risk of a cyberattack?

Coldebella: We urge clients to step back and think about cybersecurity in a strategic way. What are the assets that we have that are valuable? How are we protecting them? How quickly will we know if they’re accessed, stolen, deleted or altered? Companies should use a risk-based approach in this analysis: What is most valuable? What is most likely to be targeted? What information assets would be devastating to the company or its customers if unlawfully manipulated? Once management answers those questions, the board should monitor and oversee the company’s cyber work with questions like these: Do we have the right policies, procedures and personnel to make sure that our assets are secured? If an attack were to happen, would the company be resilient – including through implementation of an incidentresponse plan that has been regularly exercised in mock attacks? Now that the Securities and Exchange Commission has issued guidance suggesting that companies disclose cybersecurity-related risks in their public filings, CEOs, CFOs, general counsel and boards of directors need to focus on whether the company has engaged in a robust process to understand and disclose its cyber risks. This is not a “one and done” board function; since the threat is dynamic, as are the company’s systems and information, the analysis and oversight should be ongoing.

Attorney Bio

Headshot
Gus P. Coldebella | Principal

Gus P. Coldebella, a member of the National Law Journal’s inaugural class of “Cybersecurity Trailblazers” in 2015, is a principal in the Commercial Litigation Group in Fish’s Boston and Washington, D.C. offices. His practice involves helping companies deal with all aspects of...

Filter by
Event
December 5th, 2017 | 12:30 pm EST
Xconomy’s What's Hot in Cybersecurity
Xconomy’s What's Hot in Cybersecurity
Speaking Engagement
Event
November 15th, 2017 | 8:00 am CST
MAPI Cybersecurity Forum
MAPI Cybersecurity Forum
Speaking Engagement
News
April 20, 2017
Fish's Gus Coldebella and Donna Balaguer Interviewed in Metropolitan Corporate Counsel Article, "Why Cybersecurity Is Your Board’s Business"
Articles
Event
November 12th, 2015
AIPLA 2015 Trade Secret Law Summit
Three Cybersecurity Lessons from The Newswires Hacking Scam
Speaking Engagement
Event
August 17th, 2017 | 11:15 am CDT
TexasBar CLE 16th Annual Course: Advanced In-House Counsel
TexasBar CLE 16th Annual Course: Advanced In-House Counsel
Speaking Engagement
Conference/Convention
Event
June 13th, 2017 | 1:00 pm EDT
New York’s Cybersecurity Regulations for the Financial Services Sector - What Do They Mean, and What Is Their Impact?
Cybersecurity,
Webinar
Event
May 9th, 2017 | 12:30 pm EDT
Gus Coldebella to Discuss "Managing Trade Secrets" | AIPLA Webinar
Gus Coldebella to Discuss
Speaking Engagement
Event
April 26th, 2017
Gus Coldebella Moderates a Panel at "The Exchange" Data Privacy and Cybersecurity Forum
Gus Coldebella Moderates a Panel at
Speaking Engagement
Q&A
April 19, 2017
Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business
Q&A with Gus Coldebella & Donna Balaguer: Why Cybersecurity Is Your Board’s Business
Authors: Gus P. Coldebella, Donna A. Balaguer, CIPP/US
Cybersecurity
Commercial Litigation
Litigation
Trends
Event
March 22nd, 2017
Gus Coldebella to Speak at BBA Higher Education Conference
Gus Coldebella to Speak at BBA Higher Education Conference
Speaking Engagement
Event
February 9th, 2017 | 1:30 pm EST
TAG FinTech GA 2017 - Stealing Your Identity: Risk, Security & Fraud in Financial Services
TAG FinTech GA 2017 - Stealing Your Identity: Risk, Security & Fraud in Financial Services
Speaking Engagement
Event
October 28th, 2015 | 8:00 am PDT
27th Annual All Hands Meeting
27th Annual All Hands Meeting
Speaking Engagement
load more topics