The Association of Corporate Counsel (ACC) Foundation, in collaboration with Ernst & Young, has presented the “2022 State of Cybersecurity Report, an in-house perspective”. The report shows that 84% of companies now give the chief legal officer (CLO) a key role in the organization’s cybersecurity strategy.
The report also covers a broad range of cybersecurity activities: legal department’s role, policies and practices, risk management, and breach and incident response. It shows that 22% of companies now have a dedicated cybersecurity lawyer, 20% more companies now require annual cybersecurity training for all employees compared to 2020, 31% of legal departments say they are regularly involved in their company’s third-party risk management (TPRM) and 38% of legal departments say they are spending more as a result of their approach to cyber, compared to a year ago.
Also, damage to reputation, liability to data subjects, and business continuity are the top 3 areas of concern resulting from a data breach.
The data included in this report represents 265 companies across 17 industries and 24 countries, providing a comprehensive understanding of how legal departments of different sizes engage in cybersecurity matters.