CLE
UPCOMING

Paper Tigers in Cybersecurity and How to Fix Them

Resources Calendar Icon
05 Aug, 2025 | 
1:00 PM EST
Resources Clock Icon
60mins
Resources Location Icon
Virtual event
Resources Plus Icon
1.0 Credits

Many view corporate cybersecurity policies merely as a necessary formality for compliance. Often maligned for being outdated or slow, these policies can be seen as a tool for bureaucracy to cover their bases without effecting real change. However, strong policies do more than check a box—they can serve as tools for clarity, accountability, and risk control that support business goals and day-to-day decision-making. 

This continuing legal education course explores the unique opportunity for in-house counsel to contribute meaningfully to policy design and implementation. We’ll examine the legal and organizational context in which information security policies are created, maintained, and challenged. Participants will leave with a clearer understanding of where policy tends to fail in practice, and what attorneys can do to ensure it works. 

This CLE is eligible for credit in all 50 states and free to register. If you’ve ever wondered why some policies collapse in practice, this hour will leave you with sharper questions and a clearer perspective. Sign up today! 
See Summary & State Accreditation Details

Register

Dont miss this opportunity to gain valuable insights and strategies from leading experts in the field. Register now to secure your spot. 

* Required

Cybersecurity Policy CLE Agenda

What Policy Is—and What It Isn’t

  • Misunderstanding #1: Policy as a compliance artifact 
  • Misunderstanding #2: Policy as a bottom-up IT document
  • Reality: Information security policy is a governance tool to express priority, risk tolerance, and accountability

Core Principles for Policy Development

  • Why and how data is collected, used, stored, and disposed
  • Detective, preventative, and remedial controls
  • Primary stakeholders and business “north star”

Case Study: Equifax 

  • Separation of duties
  • Data breach results & impact 
  • Common pitfalls
    • Mad libs and technical jargon

What Effective Policy Looks Like

  • Feasibility 
  • Assignment of ownership
  • Enforceable mechanisms
  • Alignment with:
    • Regulatory Compliance
    • Contractual Obligations,
    • Insurance Requirements
  • Support for key business outcomes

Using Frameworks Effectively

  • ISO27001 and SOC2
  • “Checklist Compliance”
  • NIST CSF and CISA Guidance

Axiom Counsel’s Role

  • The use of AI to prepare corporate documents. 
  • AI and Ethics concerns 
  • Practical Guidance

Common Policy Failure Watch Outs

  • Outcomes without ownership mechanism
  • Unverified and unenforced controls
  • Outdated asset inventories
  • Legacy systems with no exception handling
  • Business disruptions from:
    • Sales blocked by InfoSec review
    • Denied cyber insurance claims
REGISTER NOW

Elevate your in-house legal team

Get connected with vetted Axiom legal professionals, seamlessly integrated into your team, when and how you need them.

Find A Lawyer Now Talk To Our Team
Live Page: true