Association of Corporate Counsel rolls out second edition of cybersecurity toolkit

New checklists have been added, including one for protecting attorney-client privilege
Association of Corporate Counsel rolls out second edition of cybersecurity toolkit

The Association of Corporate Counsel has released the second edition of its Cybersecurity Toolkit for In-house Lawyers, which was developed together with Jackson Lewis P.C.

The updated toolkit includes new checklists and resources on contributing to the software development lifecycle, protecting attorney-client privilege, artificial intelligence-related cyber risks, and advising boards on cybersecurity risks.

The AI security checklist has been amended to contain an overview of common and emerging cyberattack methods; for instance, enhanced attacks where AI is used to bolster phishing and social engineering, AI system attacks like data poisoning and adversarial inputs, and AI-produced attacks like deepfakes, identity fraud, and automated malware. The new toolkit also presents mitigation measures like improved phishing training.

Recent Articles

OCC calls for clear criteria in Defence, Security and Resilience Bank headquarters location choice
Legal operations’ evolving role the central theme of 2026 CLOC Global Institute
Why Janice Jong chose an in-house role after a decade away from legal practice

A software development-related checklist was incorporated in light of the 2020 SolarWinds cyberattack, which showed that vendor-provided software products needed securing as well. The attorney-client privilege checklist highlights practices to assist counsel in structuring incident response communications and reports.

The new toolkit also includes a callout box with questions boards can consult to facilitate their involvement in organizations’ security functions.

Joseph Lazzarotti and Damon Silver, co-leaders of Jackson Lewis’ privacy, ai and cybersecurity group, noted that cybersecurity threats have increased in complexity.

“Managing cybersecurity risk is one of the most critical responsibilities in-house counsel have to safeguard their organizations. This second edition reflects the latest challenges and opportunities facing in-house lawyers, from addressing AI-related risks to strengthening breach response plans,” said Veta T. Richardson, ACC’s president and CEO, in a statement.

An ACC Foundation report published in March revealed that 38 percent of chief legal officers held leadership roles involving cybersecurity responsibilities. The report also found that CLOs considered phishing and social engineering, data breaches, ransomware, fraud, and lack of awareness to be the biggest AI-powered cyber threats.

The cybersecurity toolkit update follows the ACC’s release of an AI-focused toolkit in May.