Shook Business Litigator Shares California Audit Insight in Cybersecurity Law Report

Shook Partner Colman McCarthy was featured in an article “Steps to Address the New California Audit Rule That Seeks to Reset Reasonable Security” by Cybersecurity Law Report discussing the new audit rule approved by the California Privacy Protection Agency (CPAA). The audits must consider two dozen cybersecurity practices, representing the redefinition of what constitutes reasonable cybersecurity efforts under California law.

“AI is a complicating development for the audits. Companies should consider whether they have somebody who understands the technology enough to be able to assess the risk,” said McCarthy.

He also stated that companies should not delay addressing the California audits, as cyber teams will need resources for technical implementations for any areas or components that the auditor deems lacking.