On December 13, 2013, it was reported that Target was the victim of a successful cyber attack, resulting in the theft of personal financial information from up to 110 million Target credit card customers – the largest theft in history of such information. As of December 27, at least 40 lawsuits had been filed against Target according to federal court records. When considering the costs Target will bear, not limited to remediation, equity losses, brand damage, discounts offered, and business lost to competitors during the busy holiday season, it’s easy to estimate the total well into the hundreds of millions of dollars.
“Recent security breaches are a stark reminder that no company is safe from cyber attack. Regardless of industry or sector, corporate leaders, from the Board of Directors to the General Counsel, need to be asking themselves, "How good are we?" Taking proactive steps now to prepare for the inevitable is the best way to mitigate the damage that results from a network compromise."
- Kevin Mandia, former CEO of Mandiant and current chief operating officer of global network security firm FireEye
Unfortunately, cyber attacks are unavoidable today and experts are promising the number of successful and damaging attacks will only increase in 2014.
Experian, the credit report bureau with a division working on data breaches, released a report stating that “[t]he healthcare industry, by far, will be the most susceptible to publicly disclosed and widely scrutinized data breaches in 2014.” The energy, retail, financial and technology sectors also face similar threats and the legal implications to managing these risks and their consequences.
However, businesses can reduce the likelihood of a breach and, most critically, prepare to respond to and manage such a crisis. In the spirit of setting New Year’s resolutions, now is the perfect time to minimize the risk of breaches by proactively:
safeguarding your customers’ personal information;
securing your intellectual property;
mitigating your company’s risk; and
protecting your bottom line.
Increasingly, leadership and responsibility in mitigating cyber attacks originate not only from chief information and technology officers, but additionally extend into the full C-suite and Boards of Directors. Did you know that over 70% of company Boards of Directors rarely or never review their company’s privacy and security budgets? A 2013 Ponemon Institute study states that a U.S. company with a strong security posture will significantly reduce the cost of a breach.
The cyber security environment is confusing as it is. U.S. federal government, state, and international regulations and standards are extremely varied, and the number of security “products” on the market grows larger by the day, only adding to this confusion.
Manatt wants to make certain that you and your company take all steps necessary to mitigate your company’s risk and protect your bottom line.