In the March 21, 2019 edition of The Legal Intelligencer, Edward Kang, Managing Member of KHF wrote “IT Security and Policy: Why All Lawyers Must Care About It.”
Several years ago, my insurance broker suggested I get cybersecurity insurance for my firm. It seemed a cybersecurity insurance policy was unnecessary, not much different from having an undercoating for a new car. That was then. Now, the benefits of having a cybersecurity insurance policy are not reasonably in dispute these days. In addition to having the security of insurance, another (and more important) benefit of getting a cybersecurity insurance policy was the requirement that I have an IT security and breach policy that deals with how to prevent a security breach and what to do if there is a security breach. While getting a cybersecurity insurance policy may still remain an option for many, having an IT security policy describing detailed procedures to protect against a cybersecurity attack (and what to do when the system is breached) is a must.