Data Protection and Cybersecurity
Data protection and cybersecurity issues are becoming increasingly important with the rapid development of modern technology, and boards have to keep abreast of these concerns. In 2023, 61% of Fortune 100 companies were seeking cybersecurity expertise on their boards - an more than three-fold increase from 20% in 2018.
The increasingly interconnected nature of the world has created new technological paradigms. From geolocation data in cars being used to profile drivers, to communication between devices bypassing privacy settings, the technological compliance for boards have never been more pressing.
As the regulatory framework around technology grows ever more complex, modern boards need in-house data protection and cybersecurity expertise to help them navigate these novel and complex situations - it is not enough to bring in outside advisers.
Despite this, too many boards lack enough cybersecurity and data protection experts. Boards should consider them to be just as important as experts in finance, and non-executive directors need to know how to act if they are on a board that lacks sufficient knowledge of the modern tech and data protection landscape.
At L-EV8, we are uniquely placed to train prospective non-executive directors on how to manage these issues. Our team members have decades of experience working at the highest levels of compliance law, and practical knowledge of handling data protection and cybersecurity matters at the board level.
As part of his legal practice, Jonathan Armstrong has focused on technology, risk, and governance matters for more than 25 years, and he is widely regarded as a leading expert in compliance law. He is a regular contributor to the Everything Compliance and Life with GDPR podcasts, and appears on the Compliance Podcast Network with his TechLaw10 podcast. He also makes regular media appearances to discuss cybersecurity issues, and he is a co-author of LexisNexis’ definitive work on technology law, "Managing Risk: Technology & Communications".
Jonathan’s work has involved cases in over 60 countries covering a wide range of compliance issues. This includes making one of the first GDPR data breach reports on behalf of a lawyer who had compromised sensitive personal data; to date, Jonathan is particularly active in advising clients on their response to GDPR and data breaches.
On a board level, Nishant Sood has extensive experience with compliance matters. He has served as a board member responsible for regulatory compliance on matters such as conflicts of interest, fiduciary duties, authorisations and constitutions, and data protection. He has also been heavily involved in the training of boards on their responses to these issues.
Nish and Jonathan bring their experience to bear in our Foundation Course, ensuring that prospective non-executive directors are fully informed of the data protection and cybersecurity issues that come with sitting on a modern board.