A New Year’s Resolution to Avoid Cyber Attacks: It Is Not IF but WHEN … Just Ask Target


On December 13, 2013, it was reported that Target was the victim of a successful cyber attack, resulting in the theft of personal financial information from up to 110 million Target credit card customers – the largest theft in history of such information. As of December 27, at least 40 lawsuits had been filed against Target according to federal court records. When considering the costs Target will bear, not limited to remediation, equity losses, brand damage, discounts offered, and business lost to competitors during the busy holiday season, it’s easy to estimate the total well into the hundreds of millions of dollars.

“Recent security breaches are a stark reminder that no company is safe from cyber attack. Regardless of industry or sector, corporate leaders, from the Board of Directors to the General Counsel, need to be asking themselves, "How good are we?" Taking proactive steps now to prepare for the inevitable is the best way to mitigate the damage that results from a network compromise."
- Kevin Mandia, former CEO of Mandiant and current chief operating officer of global network security firm FireEye

Unfortunately, cyber attacks are unavoidable today and experts are promising the number of successful and damaging attacks will only increase in 2014.

Experian, the credit report bureau with a division working on data breaches, released a report stating that “[t]he healthcare industry, by far, will be the most susceptible to publicly disclosed and widely scrutinized data breaches in 2014.” The energy, retail, financial and technology sectors also face similar threats and the legal implications to managing these risks and their consequences.

However, businesses can reduce the likelihood of a breach and, most critically, prepare to respond to and manage such a crisis. In the spirit of setting New Year’s resolutions, now is the perfect time to minimize the risk of breaches by proactively:

  • safeguarding your customers’ personal information;
  • securing your intellectual property;
  • mitigating your company’s risk; and
  • protecting your bottom line.

Increasingly, leadership and responsibility in mitigating cyber attacks originate not only from chief information and technology officers, but additionally extend into the full C-suite and Boards of Directors. Did you know that over 70% of company Boards of Directors rarely or never review their company’s privacy and security budgets? A 2013 Ponemon Institute study states that a U.S. company with a strong security posture will significantly reduce the cost of a breach.

The cyber security environment is confusing as it is. U.S. federal government, state, and international regulations and standards are extremely varied, and the number of security “products” on the market grows larger by the day, only adding to this confusion.

Manatt wants to make certain that you and your company take all steps necessary to mitigate your company’s risk and protect your bottom line.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Manatt, Phelps & Phillips, LLP | Attorney Advertising

Written by:


Manatt, Phelps & Phillips, LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.