Episode 28 of the podcast covers a director’s and officer’s view of mission-critical privacy and cyber security issues with Reed Smith LLP Partner Gerard Stegmaier.
- Question 1 (03:13): What are the NACD’s guiding principles for effective cyber-risk oversight? Do boards actually follow these principles?
- Question 2 (08:50): With regard to governance and cyber risk management frameworks, when a cyber incident occurs, what are companies doing right and wrong in addressing this interplay?
- Question 3 (12:57): What role do these principles play with D&O insurance?
- Question 4 (16:16): How detailed have you seen board rooms get on how to classify risks.
- Question 5 (21:13): Understanding that security incidents are inevitable, how do you advise clients to work with outside experts? Should everything be under privilege that relates to a potential vulnerability that may result in a future breach?