Learning Center Article
Data Breach Response Handbookby Other | Other - Law Firms | 08/05/2019
It has been several years since data breaches first emerged as the lead news story. Despite increasing security and technology advancements, companies are still grappling with how to stay ahead of hackers and, when they cannot, how to respond to a breach in a way that minimizes business disruption and reputation risk.
Although statistics vary, in 2018 there were approximately 1,244 publicly reported data breaches and, according to one watchdog group, those breaches impacted nearly 450 million consumer records.1 In the first five months of 2019, there were 555 data breaches.2 If this rate continues, 2019 is on pace to exceed 2018 numbers. In 2018, security compromises and data breaches most heavily affected the retail, finance, hospitality and manufacturing industries.3 Together, these industries suffered 49% of all data compromising events. The other 51% of attacks affected a wide array of industries.4 Consumers, regulators, shareholders, and business partners are scrutinizing whether organizations that suffer a data security breach had adequate security before the breach occurred, and are critically examining how organizations prepare for, investigate, and respond to security incidents. Instances in which stakeholders believe that an organization’s preparation or response was inadequate have led to litigation, regulatory investigation, erosion of client base and, increasingly, changes in management.5 Given this context, it is not surprising that when board members and general counsel are asked “What keeps you up at night?” the answer continues to be: “data security.”6
To read more, please log in
The Intersection of Third Party Risk and Insurance
A Q&A with Matthew Cherian of BitSight
Third party data security risk continues to grow and even mature enterprises struggle to contain this unwieldy challenge. For cyber insurers, it’s becoming increasingly urgent to find better tools for assessing third party vendor risk when underwriting for a policy. To learn more about why and how this should be done, I spoke with Matthew Cherian, Vice President of Strategic Partnerships of BitSight