As privacy compliance checks in litigation and regulatory enforcement become more comprehensive, one way to evaluate a company’s privacy program is through a penetrative test of its cybersecurity controls, Baker McKenzie’s Brian Hengesbaugh, Cristina Messerschmidt and Jerome Tomas write. A "pen test" includes identifying key elements of compliance in a company's privacy program to test, deciding what applications are “in-scope” of the exercise and reporting findings “in the form of privileged legal memorandums” that outline recommendations.
Full Story
Comments
If you want to comment on this post, you need to login.