In-house legal teams need to stay on top of cybersecurity

A recent cyber attack on the NZX shows that companies should make sure they’re not vulnerable

In-house legal teams need to stay on top of cybersecurity

In-house legal teams need to ensure they’re staying on top of cybersecurity, particularly following a recent cyber attack on the NZX, a national firm said.

Over a four-day period as August came to a close, the stock exchange was rocked by volumetric distributed denial of service (DDoS) attacks that hit its websites and markets announcement platform. As a result, trading activity was grounded in a number of important markets.

“Not only has this led to serious concerns regarding NZX’s resilience, its vulnerability to cyber-risks and its reliance on [network service provider] Spark, it is also bringing into sharp focus the need for enterprises of all shapes and sizes to examine their internal processes around cyber-risk,” national firm Anderson Lloyd said in a blog post.

Most Read

The firm said that historically, major cyber attacks have targeted “the critical IT infrastructure of financial institutions, presumably in part because they have the deepest pockets.” Research conducted by the Reserve Bank earlier this year estimated that cyber attacks could cost the banking and insurance sectors up to $134m per year.

With COVID-19 driving the implementation of less secure remote work setups, companies, including most SMEs, are now more vulnerable than ever to cyber criminals. This is where chief legal officers should come in.

As discussed on Canadian Lawyer, the Association of Corporate Counsel (ACC) recently found that most chief legal officers contributed significantly to their companies’ cybersecurity strategies. Vice president and chief legal officer Susanna McDonald said that cybersecurity responsibility is not one that should be shunted to IT departments, as “legal oversight leads to risk-based compliance and really coincides with the rise of cybersecurity policies.”

“There are not too many companies that don’t have access to employee and customer data so organisations must protect that data, and regulatory schemes are growing and increasingly involving in-house counsel in order to be able to stay on top of that,” she said.

The ACC study showed that over the past couple of years, there has been an increase in the percentage of organisations worldwide appointing in-house lawyers who focus specifically on cybersecurity. This was accompanied by an uptick in the percentage of organisations establishing cybersecurity response teams.

“Cybersecurity is a risk and compliance issue, so it’s really in the wheelhouse of in-house counsel. The most common questions that general counsel get from their boards are about cybersecurity risk and compliance, so if your board is asking these questions, you need to be able to effectively answer them,” McDonald said.

Related stories

Free newsletter

Subscribe to our FREE newsletter service and we’ll keep you up-to-date with the latest breaking news, cutting edge opinion, and expert analysis affecting both your business and the industry as whole.

Please enter your email address below and click on Sign Up for daily newsletters from NZ Lawyer.

Recent articles & video

Chapman Tripp names new chief executive partner

NZ’s first new retail green bond issue for 2020 blooms with Chapman Tripp’s help

Family law-specialist barrister appointed as new district court judge

Lane Neave welcomes power mum partner back from parental leave

Brexit battle leads to resignation of UK government’s longest-tenured justice minister

Litigating for a better legal landscape

Most Read Articles

Duncan Cotterill appoints new chair of partnership and board

NZ Law Awards finalists revealed

Chapman Tripp names new chief executive partner

MinterEllisonRuddWatts senior associate gleans valuable lessons about flexible work from lockdown