Scarinci Hollenbeck, LLC, LLCScarinci Hollenbeck, LLC, LLC

Firm Insights

Cybersecurity Awareness Month Arrives in Wake of Serious Breaches

Author: Scarinci Hollenbeck, LLC

Date: October 18, 2017

Key Contacts

Back

October is National Cybersecurity Awareness Month, Which Makes it an Excellent Time to Evaluate Your Company’s Existing Prevention & Response Strategies

October is National Cybersecurity Awareness Month, which makes it an excellent time to evaluate your company’s existing prevention and response strategies. A new study regarding the frequency of cyber-attacks should serve as motivation to also evaluate your insurance coverage.

Cybersecurity Awareness Month Arrives In Wake of Data Breaches
Photo courtesy of Stocksnap.io

Half of Businesses Experienced Cyberattacks in the Past Year

In total, 53 percent of U.S. businesses have fallen victim to a cyber attack in the past year, according to a recent survey by The Hartford Steam Boiler Inspection and Insurance Co. (HSB). In response to the increased frequency of attacks, nearly two-thirds of companies purchased or increased their level of cyber insurance coverage over the past year. An additional 56 percent of obtained cyber insurance for the first time.

In many cases, the cyber attacks were costly. Of those that experienced cyber attacks, 72 percent spent more than $5,000 to restore or replace software and hardware and address other ramifications of the intrusion. The study further found that 38 percent spent more than $50,000 to investigate the incident and remediate IT vulnerabilities and customer impact: 10 percent spent $100,000 to $250,000, and seven percent, more than $250,000.

When businesses were hacked, the most frequent consequences were data loss (with 60 percent of companies falling victim) and business interruption (55 percent). The most common culprits of the cyber-attacks were malware (53 percent) and viruses (51 percent). The surveyed U.S. businesses also experienced distributed denial of service (DDoS) attacks (35 percent), ransomware (29 percent), cyber extortion (25 percent), and social engineering (13 percent). Not surprisingly, businesses listed disgruntled employees (a/k/a malicious insiders) and hackers as the biggest threats to their data security.

Do Your Data Protection Procedures Leave Room for Improvement?

While most businesses recognize the threats posed by cyber-attacks and data breaches, studies continually show that many are not devoting the resources needed to adequately address the problem. And that’s understandable – to a point. While businesses must focus on money-generating activities to survive, they must also recognize that the cost of doing business must include adequate cybersecurity measures because a single data breach could easily wreak havoc and interrupt the very business activity necessary to survive – and even destroy the business.

Refreshingly, cybersecurity and IT hygiene need not be complicated or prohibitively costly. In fact, most of the data breach incident response investigations I’ve handled could have been mitigated, if not prevented, had simple measures been taken by the organizations targeted.

With this in mind, below are a few basic, yet valuable, principles for improving your company’s cybersecurity:

  • Know your Data: Businesses must take steps to protect their confidential data, including customer data, no matter where it is stored. This includes data on employee mobile devices, the company’s web portal for employees, and servers the company controls.
  • Police vendors and employees: It is not enough to have data security policies and procedures in place. To ensure compliance, businesses should conduct periodic audits of their third-party vendors and employees. You may be shocked to discover that your suppliers do not encrypt the sensitive data you entrust to them or that your employees often fail to install required security updates.
  • Be flexible: Effective data security measures must be flexible to meet a company’s changing needs. This requires that you regularly evaluate your company’s data security vulnerabilities as well as emerging threats.
  • Review insurance coverage: Businesses should evaluate their current insurance policies to determine if losses incurred due to a cyber attack (business interruption, website outage, privacy breach) would be covered. If you do identify coverage gaps, it is advisable to consider a cyber-insurance policy that specifically addresses these risks.
  • Act quickly: If you do suffer a cyber attack, it is imperative to act quickly. Not only does this require having a data breach response and notification plan in place before a hacker strikes, BUT ALSO knowing a trusted cyber lawyer to call the instant a breach occurs. Everyone in the organization from the crisis management team, to the IT staff, to the executive management should understand their duties and be prepared to execute them with the help of a cyber lawyer.

As we continually emphasize to our clients, effective data security policies and procedures are essential for businesses of all sizes. Failing to have the proper protections in place will not only hurt your company’s reputation but also may impact your bottom line.

To see how these principles translate into specific actions you can take – today – to be more secure, stay tuned for helpful, daily cybersecurity tips that can help businesses better protect themselves from cyber threats and ensure that trade secrets and personal information are not exposed and compromised.

Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo. If you have any questions about this post, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).

    No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.

    Scarinci Hollenbeck, LLC, LLC

    Related Posts

    See all
    Corporate Consolidation and Antitrust Issues in Mergers post image

    Corporate Consolidation and Antitrust Issues in Mergers

    Corporate consolidation involves two or more businesses merging to become a single larger entity. The result is often a stronger and more competitive company that can better navigate today’s competitive marketplace. What Is Corporate Consolidation? Corporate consolidation closely resembles a basic merger transaction. The primary difference is that a consolidation creates an entirely new business […]

    Author: Dan Brecher

    Link to post with title - "Corporate Consolidation and Antitrust Issues in Mergers"
    What is Business Law and Why Is it Important? post image

    What is Business Law and Why Is it Important?

    Business law plays a critical role in nearly every aspect of running a successful enterprise, from negotiating a commercial lease to drafting employee policies to fulfilling corporate disclosure obligations. Understanding what is business law and your legal obligations can help your business run smoothly and build productive relationships with clients, business partners, regulators, and others. […]

    Author: Dan Brecher

    Link to post with title - "What is Business Law and Why Is it Important?"
    Corporate Transactions: Best Practices for Successful Deals post image

    Corporate Transactions: Best Practices for Successful Deals

    Corporate transactions can have significant implications for a corporation and its stakeholders. For deals to be successful, companies must act strategically to maximize value and minimize risk. It is also important to fully understand the legal and financial ramifications of corporate transactions, both in the near and long term. Understanding Corporate Transactions The term “corporate […]

    Author: Dan Brecher

    Link to post with title - "Corporate Transactions: Best Practices for Successful Deals"
    How to Conduct a Fair and Legal Employee Termination in 2025 post image

    How to Conduct a Fair and Legal Employee Termination in 2025

    Ongoing economic uncertainty is forcing many companies to make tough decisions, which includes lowering staff levels. The legal landscape on both the state and federal level also continues to evolve, especially with significant changes to the priorities of the Equal Employment Opportunity Commission (“EEOC”) under the Trump Administration. Terminating an employee is one of the […]

    Author: Angela A. Turiano

    Link to post with title - "How to Conduct a Fair and Legal Employee Termination in 2025"
    Admin Dissolution for Annual Report: What You Need to Know post image

    Admin Dissolution for Annual Report: What You Need to Know

    While filing annual reports may seem like a nuisance, failing to do so can have significant ramifications. These include fines, reputational harm, and interruption of your business operations. In basic terms, “admin dissolution for annual report” means that a company is dissolved by the government. This happens because it failed to submit its annual report […]

    Author: Dan Brecher

    Link to post with title - "Admin Dissolution for Annual Report: What You Need to Know"
    What Is Antitrust Litigation Law? post image

    What Is Antitrust Litigation Law?

    Antitrust laws are designed to ensure that businesses compete fairly. There are three federal antitrust laws that businesses must navigate. These include the Sherman Act, the Federal Trade Commission Act, and the Clayton Act. States also have their own antitrust regimes. These may vary from federal regulations. Understanding antitrust litigation helps businesses navigate these complex […]

    Author: Robert E. Levy

    Link to post with title - "What Is Antitrust Litigation Law?"

    No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.

    Sign up to get the latest from our attorneys!

    Explore What Matters Most to You.

    Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.

    Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.

    Let`s get in touch!

    * The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form. By providing a telephone number and submitting this form you are consenting to be contacted by SMS text message. Message & data rates may apply. Message frequency may vary. You can reply STOP to opt-out of further messaging.

    Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!