Blog Post
FTI Shares Information Governance Philosophy in Cybersecurity Law & Strategy
ALM’s Law Journal Newsletters recently re-launched its publication, Legal Tech Newsletter as Cybersecurity Law & Strategy, focusing on the most pressing pain points law firms and law departments are facing today. As part of the re-launch, FTI Technology Senior Managing Director Jake Frazier was invited to join the publication’s editorial board, and regularly contribute insights from his ongoing work in information governance. Jake’s first contribution to the publication was this month, in an article discussing the parallels between information governance and data breach prevention.
In the article, Jake discusses that one of the most meaningful elements of information governance is how it can drive the differentiation of data types and enable stronger security protocols around a corporation’s most sensitive data. And as the long list of publicized data breaches has taught us, there is an increasing need for companies to get smarter about locating, organizing and securing their truly sensitive data. In addition to discussing current trends, and tips from legal teams that have achieved results from information governance initiatives, Jake’s article covers the most common roadblocks, so counsel can begin to understand how to move forward despite them. These include:
- Work Styles and New Technology: For many companies, the main challenge is that employees are working and collaborating in new ways that are enabled by the proliferation of cloud-based applications. The wide variety of collaborative tools and mobile devices combined with the lack of employee awareness to sensitive information has made the prospect of controlling where data is shared increasingly complicated.
- Identifying a Starting Point: Organizational structure is often a barrier because various parts of a company are responsible for different elements of information governance. If the scope of the project is too huge, it can and will fall under the weight of itself.
- Big Data: There are countless software systems – legacy and new – and many needs for information stored in many different places and ways, making cohesive IG difficult.
- Human and Financial Capital: Lack of resources is a key challenge. Many worry about the need to secure collaboration across teams within various functions, from IT and records management to legal and the lines of business. This fact combined with difficulty in securing buy-in from key stakeholders can hinder an IG initiative from the start.
Overcoming the challenges outlined above is realistic, and many corporations are seeing success. Following the key principle of “don’t let perfect be the enemy of good,” will guide teams toward a step-by-step approach that focuses on the basics. Ultimately, IG programs can help corporations identify their most at-risk datasets, reduce them compliantly and add security protocols to protect against a data breach. Check out the October issue of Cybersecurity Law & Strategy.
Related topics:
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.