In order to educate companies on the importance of cybersecurity and the different measures that can be taken to mitigate cyber threats, Boston law firm Mintz Levin held expert panel Tuesday night for Boston businesses seeking information on how to better protect themselves in the cyber world.
Christopher Liu, American International Groups’s lead CyberEdge specialist for the United States and Canada, led the panel, consisting of Mintz Levin members Jonathan Cain, Chris Harvie and Adam Veness.
The panel dove into the new cybersecurity framework of the National Institute of Standards and Technology, the ongoing measures the U.S. Security and Exchange Commission is taking, as well as the importance of cybersecurity for companies.
Veness said he participated in the event to help educate his company’s clients.
“It’s important for public companies to really think about their cybersecurity disclosure,” he said. “The SEC has been focusing on it a little more and so this is our way to educate our clients … what their obligations might be as public companies.”
Cain began the discussion with an explanation of NIST’s new cybersecurity framework, which the company released on Feb 12. The framework consists of a series of core standards that companies should look at when assessing their level of cyber security. The framework was designed as a way to measure how far the companies still have to go and what they have to do to improve their cyber security profile.
Cain promoted the new framework and said he found it was helpful in analyzing the success of a company’s cybersecurity.
“It’s fair to say this is a standardized way to approach analyzing cybersecurity,” he said. “It certainly adopts well-recognized industry standards that have been part of the cyber security environment or ecosystem.”
The panelists used the recent security breaches of Target and Neiman Marcus to illustrate the importance of identifying cybersecurity risks and finding ways to combat them. They emphasized cyber insurance as one of the ways to combat security breeches.
Liu illustrated the importance of cybersecurity by comparing an insured company to an insured building.
“When you buy property insurance for your building, your warehouse, you install fire protections and then you buy fire insurance,” he said.
The event’s attendees had an overall positive impression of the panel, and many said it was incredibly educational.
Daniel Harary, 29, an associate of Mintz Levin from New York, said he found the panel educational after hearing about the aforementioned security breaches.
“The panel was excellent and it really focused on the issues very well and it gave very, very nice takeaways,” he said. “It’s hard now to deny how critical [cyber security] is for any major company, especially after we saw breaches at Target and Neiman Marcus.”
Kathy Henry, 41, the deputy general counsel at Plymouth Rock Assurance Corp. from West Roxbury, said education on cybersecurity issues is important to protect the personal data customers entrust to her company.
“We have a lot of personal data, so protecting the consumer data that our customers entrust to us is of the utmost importance to us as an enterprise,” she said. “Protecting that information from cyber theft is critically important. My job as a lawyer for the company is to become more educated on these issues so we’re at the cutting edge of protecting data.”
Michael Kelly, 49, the business development director at AIG in Boston, said the discussion was important because some companies still have not addressed cybersecurity.
“It starts a discussion for companies that have yet to address cybersecurity, about the relevance and importance of it in changing behaviors to improve the security of their data and of their client’s data,” he said.
Brad Stock, 46, project lead in the TJX security department from Framingham, also said companies have a responsibility to protect their clients’ data.
“Basically it’s your data that’s out there,” he said. “People are using it, sometimes you know that sometimes you don’t. We have a responsibility to take care of it. When we don’t, it affects you.”