The Importance of Personal Cybersecurity

Malware attacks occur regularly in the United States, costing an estimated $15 million annually. The attacks on large corporations tend to make the news, but anyone connected to the internet is at risk of becoming a victim of a cyberattack. Personal internet connections are, generally, open, and personal computers are easy to locate with scanners, making an easy target for the cybercriminal.

Roughly 64% of Americans experience a data breach and nearly 20 million people become victims of identity theft each year. Many consumers fall prey to hackers through use of social media, where Cybercriminals gain access to personal data by creating fake links that download malware to user devices when users click the link. Consumers may also suffer data loss when cyber thieves victimize companies. The companies are desirable targets for cybertheft as they often collect their customers’ addresses, names, social security numbers, and other personal information.

In response to the data breaches, security-related legislation has been enacted at both the state and federal level. This legislation requires companies to take certain measures to protect sensitive information and establishes standards for notifying consumers when a breach occurs. Depending upon the industry, such as the healthcare industry, additional rules and penalties apply. Overall, with the proliferation and advanced tactics of cyber criminals, careful planning is required, both by a business and those with devices connected to the internet.

© 2017 Vandenack Weaver LLC
For more information, Contact Us

 

Cybersecurity Policies Should Include Associate Agreements

The dizzying pace of recent hacking attempts has prompted national attention. President Obama plans to enact rules allowing the military to respond to national cybersecurity threats. These rules come in the wake of a string of attacks on governments and private firms. Private firms are at high risk, especially when they rely on cloud computing and mobile devices. Their limited ability to address breaches makes this risk worse. Companies should set up procedures to prevent and deal with breaches. They should also consider cybersecurity insurance.

In prior years, many companies ignored the threat of a breach because of low risk in their field. However, hackers are now targeting new types of businesses. Thus, businesses of all types need to address these issues. Even companies with strong cybersecurity policies in place may be overlooking new trends. For example, experts have noted an increase in the number of attacks on consultants, accountants, and law firms. Companies should protect themselves against the risk of indirect attack by requiring that these firms follow certain cybersecurity policies.

© 2013 Parsonage Vandenack Williams LLC

For more information, contact info@pvwlaw.com

Should Your Company Consider A Cybersecurity Disclosure Policy?

Cybersecurity breaches represent a significant, rapidly growing risk to virtually all companies doing business today.  Small companies are particularly prone to a variety of potential cybersecurity breaches, including loss of physical property, social engineering, malicious attacks, or breaches caused by employee conduct.  The consequences of these breaches can include increased costs, lost revenues, reputational damage, and litigation. As a result, the Securities Exchange Commission has recently indicated that public companies must consider cybersecurity risks when disclosing risks to their investors. While the SEC guidance primarily applies to public companies, private companies may also be subject to these requirements if they do business with public companies.

Given the growth of cybersecurity risks and breaches, many states have also acted to promote disclosure of cybersecurity issues. Currently, 46 states have enacted legislation that requires companies to notify customers if a cybersecurity issue compromises their personal information. The potential ramifications of cybersecurity risks may create liability not only for the company itself, but also for its board of directors and officers. Accordingly, companies should regularly review their policies relating to the disclosure of cybersecurity risks and incidents.

© 2012 Parsonage Vandenack Williams LLC

For more information, contact info@pvwlaw.com