We all know that any corporate board of directors, regardless of how big a company is, must keep cybersecurity top of mind and diligently stay apprised of threat assessment and mitigation. However, it's often unclear when and how the general counsel should be involved in cybersecurity discussions. The answer is simple: from the beginning. Having general counsel and the C-suite involved early can help identify responsibilities and the right course of action before, during and after a potential cyberattack.

I encourage other general counsels and their teams to start having conversations right away, or continue the conversations they have already started.

It's also beneficial to have conversations between general counsels of different companies to compare notes and discuss where risk would best reside in the supply chain. This is a great example of how general counsels can help businesses keep pace with change. This is more than just sharing information outside the realm of transacting business; it can help foster change in the practice of law because business can drive change into the legislative and regulatory arenas. 

I recently sat on a cyber-liability panel at the New York Stock Exchange General Counsel Forum and spoke about the various types of cybercrime: hacktivists, nation-state, and cyber-criminals. It's important for the legal profession to work closely with chief information security officers, law enforcement, regulators and standards bodies to help take the offensive.

The general counsel's role will continue to evolve as technology disrupts the global market. It’s our professional responsibility to identify common ground, share best practices, maximize agility, and encourage each other to enable our clients to move rapidly and keep pace with technological change.