“Everyone has a plan until they get punched in the mouth.” – Mike Tyson
Yes, this holds true for the legal profession as well, especially when it’s a cybersecurity breach. The moves that lawyers prescribe may be considered somewhat “safe” on a historical basis, but are they really the best for the business now?
What’s the new need for the legal executives as the organization faces uncertain cybersecurity outcomes?
The IT leadership is going to require more latitude than might be understood or appreciated.
Once a breach happens, they, too, have a brand to restore: their’s. Understanding this means letting them engage with their peers at security conferences and on social media.
Those who can speak confidently and with both clarity and purpose can do far more good than harm.
No doubt there will be many horror stories to compare present situations to, but their outcomes do not always translate to your situation.
Legal teams now must work not only within the context of their departments, but also within those of IT, Marketing, and Human Resources. When a cybersecurity incident emerges, these are no longer independent functions, but interdependent ones.
Marketing / PR
Every large marketing department has a public relations firm on retainer. When a cybersecurity incident becomes real, they are activated and one of the first things produced is a press release. Some are good, others bad.
The lawyers should largely stay out of this creative process and should certainly be very careful in suggesting any edits. The reason for this is that they are seeking a net positive emotional connection, not a clearly defensive position.
HR and legal teams will certainly continue to measure the risk of various human interactions. Sanctions may be discussed and steps taken to further limit damage.
A clear sign that things are not tenable for employees would be removing or masking their current company from their LinkedIn profile. At this point, their own brand is in crisis. And if you ask them, they may very well say it’s because they feel as though they are devalued.
If you can’t make it to one of our events at this time, you’ll want to subscribe to our Academy for ongoing insight from top business leaders.
What you will find with our events is that our sponsors are every bit as special and hand-picked as our attendees. This brings with it a level of professional trust and respect that is almost unheard of, as everyone understands that these are the relationships that can potentially have a truly great impact on your cybersecurity brand/reputation. And it's exactly why we have these sponsors in the room and at the table, rather than sequestered in a vendor hall.
Specifically, as it relates to you, our attendees:
- You will be provided with a simplified e-booklet that clearly articulates the value that each sponsor could potentially bring to your organization. With this we include the direct contact information for each sponsor, so that you, or one of your staff, can quickly and directly get to the right resource the moment you are back in the office and ready to engage.
- Sponsors are not given the personally identifiable information of any of the attendees. Rather, depending on their level of sponsorship, they are provided a list that merely has the company names and titles. The reason for this is simple: sponsors deserve to have a high level view of who they may encounter and you, as a top executive, don't have the time to have a dozen or so follow-up calls. And really, your gatekeepers would likely block access anyway.
What we do encourage and actively promote all the way through is for you to get to know these incredible sponsors, who, in nearly every case, are not merely sending in their sales teams to take the lead, but rather their chief executives and/or their own hand-picked direct delegates. They know how special this group and opportunity is. And of course we want to see them, like you, coming back time and time again.
Finally, each participant is given a simplified card that contains your unique identifier, a list of the sponsors, and a checkbox for those you would like to get in contact with. This includes a space to name someone on your team who should be reached instead of you. We collect those at the end of the day, then do all the work to ensure that the right contact information goes where it should. And most importantly, that everyone is happy and connected in the best way possible.