Need to change mindset from:
"Doing what we're required"
"Doing what we should do"
to innovate and protect the company
Cyber Negligence = Criminal Matter
U.S. Department of Justice (Criminal Division)
Issued new guidance (June 2020) to prosecutors of white-collar crime to assessing whether a company complied with its own risk management program.
Prosecutors will asses...
“the adequacy and effectiveness of the corporation’s compliance program at the time of the offense, as well as at the time of a charging decision”
To promote corporate behavior...
“to implement an adequate and effective corporate compliance program or to improve an existing one.”
“Fundamental questions“ for prosecutors
1. “Is the corporation’s compliance program well designed?“
2. “Is the program being applied earnestly and in good faith?“
Is the program adequately resourced and empowered to function effectively?
3. “Does the corporation’s compliance program work“ in practice?
Cyber Laws, Regulations and Acts (Select)
Let us help you improve your cybersecurity compliance