Judith H. Germano
Do companies and their legal advisors trust the government enough to reach out for help in the event of a breach, and do they perceive sufficient benefits from doing so? One major stumbling block in that assessment is the dichotomous role of government toward corporate data breach victims on the cybersecurity stage: that as protector, and as enforcer. A number of executives remain wary about reaching out to the government for help in a cybersecurity breach (when not legally compelled to do so), recognizing that the same government with whom they will share data will investigate and potentially bring an enforcement action against the company for deficiencies in how they prepared for or responded to the incident. The government took a small but meaningful step toward addressing that concern last week.