How to prevail when technology fails - Flipbook - Page 45
Prepare now for a surge in cyber and data breach litigation | 45
Not enough firms are
preparing in advance
A lack of collaboration with the legal team also
increases the likelihood of not taking sufficient
action to minimize risk before a data or privacy
breach materializes.
For example, it is essential to ensure that
statements about data in disclosures,
privacy policies, terms of use
and advertising do not become
outdated when technology and
products change. Businesses in
jurisdictions where class actions
can be brought should also take
a series of steps to prepare for
class actions for data breaches
or non-compliance with
privacy requirements.
To identify where you might
be going wrong, it’s useful
to simulate your response to
a breach. However, less than
a third of surveyed businesses
had simulated a cyber attack in
the past 12 months and only 58%
had done so in the past two years.
With much of the workforce currently
working remotely, you should rethink
and then re-simulate your response to a
data breach.
“Many businesses spend lots of
money on ensuring that outside
actors can’t access their systems
and steal data. But for a technology
company like ours, we also have
to make sure that people on the
inside don’t pull stuff out. We’ve
experienced this before and this
threat should not be overlooked.”
Anthony Walsh | Global Commercial Counsel, GE Power
Fig 22 Fewer than a third of businesses conducted a cybersecurity response
exercise in the past 12 months
13%
30%
31%
21%
>3 years
ago / never
Within
the past
2–3 years
Within
the past
1–2 years
Within
the past
6–12 months
Q. When did you last conduct a cybersecurity response simulation exercise?
6%
Within
the past
6 months