Chief information officers may soon have to find themselves lawyers, because as cybersecurity attacks increase, the IT leaders could end up in the courtroom, according to an article at the Wall Street Journal.
In the wake of the fallout from the news that the U.S. Office of Personnel Management was hacked, exposing the records of millions of federal employees, agency CIO Donna Seymour is facing a lawsuit.
"We are absolutely going to see more CIOs taking the fall and ultimately being named in lawsuits," Matthew Karlyn, a partner at Foley & Lardner LLP, tells the WSJ.
This is troubling news for the healthcare industry, which is one of the most appealing targets for hackers. Cybersecurity is already on the list of concerns for CIOs at health systems and hospitals, and the potential to be sued if an attack occurs will no doubt keep that at No. 1.
For CIOs that do find themselves in a courtroom, Karlyn says a good defense is showing an attentive approach to installing, adapting and testing cybersecurity measures. If a CIO can show they carried out those responsibilities to the best of their abilities, they may not be judged liable, he adds.
CIOs may not be the only ones in healthcare who face severe consequences for a cyberattack, CEOs who don't see a cyberattack as a business risk should be fired, according to Mansur Hasib.
To learn more:
- here's the WSJ article