Scarinci Hollenbeck, LLC, LLCScarinci Hollenbeck, LLC, LLC

Firm Insights

Cybersecurity Awareness Month Arrives in Wake of Serious Breaches

Author: Scarinci Hollenbeck, LLC

Date: October 18, 2017

Key Contacts

Back

October is National Cybersecurity Awareness Month, Which Makes it an Excellent Time to Evaluate Your Company’s Existing Prevention & Response Strategies

October is National Cybersecurity Awareness Month, which makes it an excellent time to evaluate your company’s existing prevention and response strategies. A new study regarding the frequency of cyber-attacks should serve as motivation to also evaluate your insurance coverage.

Cybersecurity Awareness Month Arrives In Wake of Data Breaches
Photo courtesy of Stocksnap.io

Half of Businesses Experienced Cyberattacks in the Past Year

In total, 53 percent of U.S. businesses have fallen victim to a cyber attack in the past year, according to a recent survey by The Hartford Steam Boiler Inspection and Insurance Co. (HSB). In response to the increased frequency of attacks, nearly two-thirds of companies purchased or increased their level of cyber insurance coverage over the past year. An additional 56 percent of obtained cyber insurance for the first time.

In many cases, the cyber attacks were costly. Of those that experienced cyber attacks, 72 percent spent more than $5,000 to restore or replace software and hardware and address other ramifications of the intrusion. The study further found that 38 percent spent more than $50,000 to investigate the incident and remediate IT vulnerabilities and customer impact: 10 percent spent $100,000 to $250,000, and seven percent, more than $250,000.

When businesses were hacked, the most frequent consequences were data loss (with 60 percent of companies falling victim) and business interruption (55 percent). The most common culprits of the cyber-attacks were malware (53 percent) and viruses (51 percent). The surveyed U.S. businesses also experienced distributed denial of service (DDoS) attacks (35 percent), ransomware (29 percent), cyber extortion (25 percent), and social engineering (13 percent). Not surprisingly, businesses listed disgruntled employees (a/k/a malicious insiders) and hackers as the biggest threats to their data security.

Do Your Data Protection Procedures Leave Room for Improvement?

While most businesses recognize the threats posed by cyber-attacks and data breaches, studies continually show that many are not devoting the resources needed to adequately address the problem. And that’s understandable – to a point. While businesses must focus on money-generating activities to survive, they must also recognize that the cost of doing business must include adequate cybersecurity measures because a single data breach could easily wreak havoc and interrupt the very business activity necessary to survive – and even destroy the business.

Refreshingly, cybersecurity and IT hygiene need not be complicated or prohibitively costly. In fact, most of the data breach incident response investigations I’ve handled could have been mitigated, if not prevented, had simple measures been taken by the organizations targeted.

With this in mind, below are a few basic, yet valuable, principles for improving your company’s cybersecurity:

  • Know your Data: Businesses must take steps to protect their confidential data, including customer data, no matter where it is stored. This includes data on employee mobile devices, the company’s web portal for employees, and servers the company controls.
  • Police vendors and employees: It is not enough to have data security policies and procedures in place. To ensure compliance, businesses should conduct periodic audits of their third-party vendors and employees. You may be shocked to discover that your suppliers do not encrypt the sensitive data you entrust to them or that your employees often fail to install required security updates.
  • Be flexible: Effective data security measures must be flexible to meet a company’s changing needs. This requires that you regularly evaluate your company’s data security vulnerabilities as well as emerging threats.
  • Review insurance coverage: Businesses should evaluate their current insurance policies to determine if losses incurred due to a cyber attack (business interruption, website outage, privacy breach) would be covered. If you do identify coverage gaps, it is advisable to consider a cyber-insurance policy that specifically addresses these risks.
  • Act quickly: If you do suffer a cyber attack, it is imperative to act quickly. Not only does this require having a data breach response and notification plan in place before a hacker strikes, BUT ALSO knowing a trusted cyber lawyer to call the instant a breach occurs. Everyone in the organization from the crisis management team, to the IT staff, to the executive management should understand their duties and be prepared to execute them with the help of a cyber lawyer.

As we continually emphasize to our clients, effective data security policies and procedures are essential for businesses of all sizes. Failing to have the proper protections in place will not only hurt your company’s reputation but also may impact your bottom line.

To see how these principles translate into specific actions you can take – today – to be more secure, stay tuned for helpful, daily cybersecurity tips that can help businesses better protect themselves from cyber threats and ensure that trade secrets and personal information are not exposed and compromised.

Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo. If you have any questions about this post, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).

    No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.

    Scarinci Hollenbeck, LLC, LLC

    Related Posts

    See all
    When to Settle and When to Fight: A Litigator's Framework post image

    When to Settle and When to Fight: A Litigator's Framework

    Every lawsuit comes with a cost, and knowing when to settle a lawsuit is one of the most consequential decisions a business owner will face. Experienced litigators understand how to minimize cost and obtain certainty for their clients. For many business owners, the decision is viewed almost entirely through a financial lens: What will it cost […]

    Author: Sean M. Pena

    Link to post with title - "When to Settle and When to Fight: A Litigator's Framework"
    A Whistleblower Just Filed a Complaint Against Your Company: Here's What to Do Now post image

    A Whistleblower Just Filed a Complaint Against Your Company: Here's What to Do Now

    Few situations create more uncertainty than learning that an employee has filed a whistleblower complaint. Questions arise immediately: Is the allegation legitimate? Should the employee be placed on leave? Do we need to notify our insurance carrier? Are we now prevented from disciplining the employee if there are unrelated ongoing work related issues? There is […]

    Author: Sean M. Pena

    Link to post with title - "A Whistleblower Just Filed a Complaint Against Your Company: Here's What to Do Now"
    Assignment for the Benefit of Creditors: An Alternative to Bankruptcy for Distressed Businesses post image

    Assignment for the Benefit of Creditors: An Alternative to Bankruptcy for Distressed Businesses

    When a business reaches the point where it can no longer service its debts or otherwise resolve its liabilities, management is often faced with a difficult question: is a bankruptcy filing necessary or is there another way to perform an orderly liquidation or sale of the business assets? While Chapters 7 and 11 of the […]

    Author: John D. Giampolo

    Link to post with title - "Assignment for the Benefit of Creditors: An Alternative to Bankruptcy for Distressed Businesses"
    Breaking Down New Jersey’s “Mansion” Tax: What Buyers and Sellers Need to Know post image

    Breaking Down New Jersey’s “Mansion” Tax: What Buyers and Sellers Need to Know

    For many years, the New Jersey Mansion Tax has been a significant consideration in high-value real estate transactions. Recent legislative changes, however, have substantially altered how the tax operates, including who is responsible for paying it and the amount owed in certain transactions. Whether you are purchasing, selling, or investing in New Jersey real estate, […]

    Author: George McGowan

    Link to post with title - "Breaking Down New Jersey’s “Mansion” Tax: What Buyers and Sellers Need to Know"
    Estate Planning for Digital Assets Under New Jersey Law post image

    Estate Planning for Digital Assets Under New Jersey Law

    As our personal and financial lives increasingly move online, estate planning must evolve to address a new category of property: digital assets. From email accounts and social media profiles to cryptocurrency and cloud-stored business records, these assets often carry both financial and sentimental value. Yet, without proper planning, they can become inaccessible—or even lost—upon incapacity […]

    Author: Marc J. Comer

    Link to post with title - "Estate Planning for Digital Assets Under New Jersey Law"
    The Role of Representation and Warranty Insurance in M&A Transactions post image

    The Role of Representation and Warranty Insurance in M&A Transactions

    In today’s mergers and acquisitions market, representation and warranty (R&W) insurance has become a common feature of deal negotiations. Once used primarily in larger transactions, R&W insurance is now frequently incorporated into middle-market deals as buyers and sellers look for efficient ways to allocate risk and close deals. When structured properly, R&W insurance can help […]

    Author: George McGowan

    Link to post with title - "The Role of Representation and Warranty Insurance in M&A Transactions"

    No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.

    Sign up to get the latest from our attorneys!

    Explore What Matters Most to You.

    Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.

    Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.

    Let`s get in touch!

    * The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form. By providing a telephone number and submitting this form you are consenting to be contacted by SMS text message. Message & data rates may apply. Message frequency may vary. You can reply STOP to opt-out of further messaging.
    “If you would like to submit a file, please email it directly to info@sh-law.com.

    Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!