According to recent surveys, cybersecurity is the number one business priority…and it should be. Cyber crime has been estimated to cost the global economy between $400 and $575 billion each year, with the United States taking the largest hit at an estimated $100 billion annually. In 2014, the average cost to a U.S. company was $3.5 million. Any company, regardless of size or industry, is vulnerable, especially if your business involves collecting, storing, or utilizing the financial and personal information of your clients and employees.
Jennings, Strouss & Salmon works with companies to ensure they have the necessary policies, procedures and safeguards in place to minimize the risk of and effectively respond to cyber threats and breaches. Our clients represent a wide-range of industries, including aerospace defense, e-commerce, education, financial services, government, healthcare, retail, technology, telecommunications, and utilities.
The multi-disciplinary team of attorneys in our Cybersecurity practice help clients understand and comply with data protection and privacy laws, including Gramm-Leach-Bliley Act, Sarbanes-Oxley, Federal Trade Commission Act, the Fair Credit Reporting Act (FCRA), CAN-SPAM, HIPAA, the Payment Card Industry Data Security Standard, the HITECH Act, Children’s Online Privacy Protection Act, Executive Order on Improving Critical Infrastructure, state and federal security breach notification laws, and other federal and state regulations.
One of the first things a company will be asked after a breach is whether it took “reasonable measures” to secure its data. What constitutes a reasonable measure may vary depending on many factors, such as the source of the breach (i.e., internal or external), the exposure or loss of data, and the regulatory agency involved in the investigation. Jennings, Strouss & Salmon assists companies with privacy and security assessments to ensure measures are in place to minimize the risk of a breach and develop an incident response plan should a breach occur. We also work with the client to develop, implement and communicate written policies and procedures for collecting, storing, securing and distributing sensitive and proprietary data. In addition, our attorneys help companies evaluate their business insurance and the options available for cybersecurity coverage.
Should a breach occur, our Cybersecurity team of attorneys will assist clients with the implementation of an incident response plan, including when and how to report the breach to the appropriate regulatory agencies and the individual and businesses that may be affected. In the event the breach results in litigation, our experienced trial attorneys will guide clients through the process, providing the most efficient and cost-effective solution.