Corporate Counsel: Almost Half of GCs Have Dealt With a Data Breach, Survey Says

Previously Published in Corporate Counsel | September 21, 2016 | By Sue Reisinger

A whopping 40 percent of general counsel of major corporations said in a just-released survey that their companies have experienced a data breach in the past year. And data privacy/security tied for first place in the survey on a list of GC priorities for the coming months.

The 2016 General Counsel Report by the Consero Group, which produces forums for in-house counsel, includes answers from 76 general counsel of Fortune 1000 companies. The survey was part of Consero’s GC Forum in June.

Calling the cybersecurity breach number “surprising,” the report recommends that in-house legal departments “consider taking an active role in building a strong cybersecurity plan for their organizations, which includes constructing a crisis management procedure.”

The FBI is doing its part to enhance cybersecurity, according to a speech Wednesdayby Attorney General Loretta Lynch to the International Bar Association. Stressing the international cooperation among governments, Lynch said the FBI’s Cyber Division recently created three new cyber assistant legal attaché positions in London, Ottawa and Canberra.

The offices, she said, will allow “us to embed our personnel with foreign law enforcement agencies in order to streamline information sharing and further our cooperation on a range of cyber issues.”

Closer to home, about 38 percent of the GCs surveyed reported they have a crisis management playbook in place for data breach events, and an added 26 percent are developing such a plan.

Another 68 percent said they think cyber liability insurance is “a necessary component of their approach to cyberrisk management.”

Nearly a quarter of those surveyed (23 percent) reported data privacy/security as a top area of focus. That tied for first place in a list of priorities with mergers and acquisitions, “which could be indicative of more corporate M&A activity in the year to come,” the report states. Compliance and ethics concerns ranked third on the priorities list, with 21 percent.

On a list of top risks, operational risk ranked first with 29 percent. Operational risk includes breakdowns in internal procedures along with human error. That was followed by regulatory compliance and data privacy/security risks, both with 19 percent of the GCs.

On other topics the survey showed:

* Some 79 percent of the GCs said that they conduct one-half to two-thirds of their legal work in-house. Another 12 percent said that they conduct 75-100 percent of it in-house.

* Only 23 percent reported delegating more legal work to outside counsel than 12 months ago, while 77 percent said they’re not.

* The GCs split on legal expenditures, with 41 percent predicting that they would increase in the next year, while another 41 percent estimated that they would remain the same.