In March, the SEC proposed a variety of rule amendments that aim to protect consumers’ data and information. Fran Faircloth, partner in Ropes & Gray’s data, privacy and cybersecurity practice, told BoardIQ that, “the data is the asset of concern in cybersecurity risk management programs, so directors can ask where it’s protected and how it’s managed and can review fund practices in relation to those of competitors.”
Cyber breaches are a consistent concern of directors, and they are often requesting advice on how to best be prepared for these. “Hackers can always get in,” Fran said. “They’re always innovating new ways to break in. I don’t think that means you just throw up your hands and say we can’t do anything. It does mean when the worst happens there’s going to be a lot of scrutiny of what you did.”
“There’s going to be a lot of scrutiny of whether what’s written in those policies and procedures is actually something that was followed,” Fran said. “That’s something very concrete that directors can review.”
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.