Learning Center Article

Back

Data Breach Response Handbook

by Other | Other - Law Firms | 08/05/2019

It has been several years since data breaches first emerged as the lead news story.  Despite increasing security and technology advancements, companies are still grappling with how to stay ahead of hackers and, when they cannot, how to respond to a breach in a way that minimizes business disruption and reputation risk.

Although statistics vary, in 2018 there were approximately 1,244 publicly reported data breaches and, according to one watchdog group, those breaches impacted nearly 450 million consumer records.1 In the first five months of 2019, there were 555 data breaches.2 If this rate continues, 2019 is on pace to exceed 2018 numbers. In 2018, security compromises and data breaches most heavily affected the retail, finance, hospitality and manufacturing industries.3 Together, these industries suffered 49% of all data compromising events.  The other 51% of attacks affected a wide array of industries.4  Consumers, regulators, shareholders, and business partners are scrutinizing whether organizations that suffer a data security breach had adequate security before the breach occurred, and are critically examining how organizations prepare for, investigate, and respond to security incidents.  Instances in which stakeholders believe that an organization’s preparation or response was inadequate have led to litigation, regulatory investigation, erosion of client base and, increasingly, changes in management.5  Given this context, it is not surprising that when board members and general counsel are asked “What keeps you up at night?” the answer continues to be: “data security.”6

To read more, please log in

Junto Plus

The Intersection of Third Party Risk and Insurance
A Q&A with Matthew Cherian of BitSight

Third party data security risk continues to grow and even mature enterprises struggle to contain this unwieldy challenge. For cyber insurers, it’s becoming increasingly urgent to find better tools for assessing third party vendor risk when underwriting for a policy. To learn more about why and how this should be done, I spoke with Matthew Cherian, Vice President of Strategic Partnerships of BitSight

11/26/19 | Junto Plus

HHS Breach Data

Number Reported: 1928

Latest Incident
Capital Nephrology
State:
MD
# of Records:
4000
Type of Breach:
Hacking/IT Incident