The following ingredients really apply to any organization evaluating their data security posture, not just law firms.
The first 4 ingredients are about Protect – protecting your data. The last 2 ingredients are about Respond – responding to a cybersecurity incident. This is a clear recognition of the likelihood of an incident.
Let us help your organization develop, improve, and test your incident response capabilities.
The full article by Daryn Teague (May 2015) is available at this link:
http://businessoflawblog.com/2015/05/law-firm-data-security/
Raising executive awareness on the importance of incident response planning should raise executive support. This is one in a series of references that serve as tools for engaging your executives and gaining their support.
The full collection of references is available at this link:
https://coordinatedresponse.com/topics/incident-response-plan/executive-awareness//
A post on the Fredrikson & Byron law firm’s website identified: 4 Legal Considerations to Help Directors Manage Cyber Risk (Evan C. Berquist, September 2015).
“The United States Court of Appeals for the Third Circuit held that the Federal Trade Commission (FTC) has authority under Section 5 of the FTC Act to regulate cybersecurity.”
“The opinion is the latest development in a legal drama that began after Wyndham Worldwide Corp. (Wyndham) suffered three data breaches between 2008 and 2009. The breaches resulted in the improper disclosure of the personal information of more than 610,000 Wyndham customers.”
“The Wyndham litigation has underscored at least two significant new developments in cybersecurity: First: directors can be held individually liable for their failure to adequately manage cyber risks; and Second: government regulators, including the FTC, the Securities and Exchange Commission (SEC), among others, are making cybersecurity an increasingly important enforcement priority. And courts are ratifying the agencies’ broad assertion of regulatory authority.”
The article is available at: http://www.fredlaw.com/news__media/2015/09/09/995/4_key_legal_considerations_to_help_directors_manage_cyber_risks
Raising executive awareness on the importance of incident response planning should raise executive support. This is one in a series of references that serve as tools for engaging your executives and gaining their support.
The full collection of references is available at this link:
https://coordinatedresponse.com/topics/incident-response-plan/executive-awareness/
The law firm of Baker Hostetler often assists clients in responding to cybersecurity incidents. The firm publishes an annual report: Data Security Incident Response Report 2015.
The 2015 report provides statistics on incidents by industry, a list of probable causes, descriptions of the adverse outcomes, and valuable recommendations. It provides executives with a sense of the risks and potential impacts.
The top 5 causes of incidents experienced by the firm:
Every company is at risk from these attacks.
The law firm identifies seven proactive steps to be “compromise ready”. The first step is to develop and exercise an incident response plan. The second step is to engage an experienced security consultant to conduct a security assessment. Coordinated Response is well qualified to help with these steps and more.
The full article is available as a PDF file at:
https://www.bakerlaw.com/files/uploads/Documents/Data%20Breach%20documents/BakerHostetler-Data-Security-Incident-Response-Report-2015.pdf
Raising executive awareness on the importance of incident response planning should raise executive support. This is one in a series of references that serve as tools for engaging your executives and gaining their support.
The full collection of references is available at this link:
https://coordinatedresponse.com/topics/incident-response-plan/executive-awareness//