Resources to assist counsel in developing, implementing, and maintaining a US information security program that supports reasonable data security measures. This Toolkit includes resources that explain cybersecurity technology basics, general and sector-specific information security laws and regulations, and comprehensive information security program development, including data security risk assessments, corporate governance and transaction issues, vendor and supply chain risk management, and bug bounty and vulnerability disclosure programs.
Information security programs protect the confidentiality, integrity, and availability of data and information technology assets. Counsel must understand legal obligations, standard practices, and technology basics to meet client needs in this rapidly changing area. This Toolkit contains resources that provide practical guidance on developing, implementing, and maintaining an information security program that supports reasonable data security measures.