In-house legal teams need to stay on top of cybersecurity

A recent cyber attack on the NZX shows that companies should make sure they’re not vulnerable

In-house legal teams need to stay on top of cybersecurity

In-house legal teams need to ensure they’re staying on top of cybersecurity, particularly following a recent cyber attack on the NZX, a national firm said.

Over a four-day period as August came to a close, the stock exchange was rocked by volumetric distributed denial of service (DDoS) attacks that hit its websites and markets announcement platform. As a result, trading activity was grounded in a number of important markets.

“Not only has this led to serious concerns regarding NZX’s resilience, its vulnerability to cyber-risks and its reliance on [network service provider] Spark, it is also bringing into sharp focus the need for enterprises of all shapes and sizes to examine their internal processes around cyber-risk,” national firm Anderson Lloyd said in a blog post.

The firm said that historically, major cyber attacks have targeted “the critical IT infrastructure of financial institutions, presumably in part because they have the deepest pockets.” Research conducted by the Reserve Bank earlier this year estimated that cyber attacks could cost the banking and insurance sectors up to $134m per year.

With COVID-19 driving the implementation of less secure remote work setups, companies, including most SMEs, are now more vulnerable than ever to cyber criminals. This is where chief legal officers should come in.

As discussed on Canadian Lawyer, the Association of Corporate Counsel (ACC) recently found that most chief legal officers contributed significantly to their companies’ cybersecurity strategies. Vice president and chief legal officer Susanna McDonald said that cybersecurity responsibility is not one that should be shunted to IT departments, as “legal oversight leads to risk-based compliance and really coincides with the rise of cybersecurity policies.”

“There are not too many companies that don’t have access to employee and customer data so organisations must protect that data, and regulatory schemes are growing and increasingly involving in-house counsel in order to be able to stay on top of that,” she said.

The ACC study showed that over the past couple of years, there has been an increase in the percentage of organisations worldwide appointing in-house lawyers who focus specifically on cybersecurity. This was accompanied by an uptick in the percentage of organisations establishing cybersecurity response teams.

“Cybersecurity is a risk and compliance issue, so it’s really in the wheelhouse of in-house counsel. The most common questions that general counsel get from their boards are about cybersecurity risk and compliance, so if your board is asking these questions, you need to be able to effectively answer them,” McDonald said.

Related stories

Free newsletter

Subscribe to our FREE newsletter service and we’ll keep you up-to-date with the latest breaking news, cutting edge opinion, and expert analysis affecting both your business and the industry as whole.

Please enter your email address below and click on Sign Up for daily newsletters from NZ Lawyer.

Recent articles & video

Combustible cladding class action takes off in High Court with Russell McVeagh’s help

New associates bolster Tauranga firm’s family law, property offerings

Gibson Sheat absorbs Wellington firm

US courts announce closures for presidential inauguration

DLA Piper launches global social mobility and diversity initiative in New Zealand

Chen Palmer makes two key appointments

Most Read Articles

A former chief justice helped this Bell Gully senior associate to jumpstart a legal career

Former EY Law employment head launches private practice

Ex-ombudsman ascends to Chen Palmer partnership

DLA Piper launches global social mobility and diversity initiative in New Zealand