Cybersecurity & Data Protectionprintbutton


Cybersecurity & Data Protection

No business is immune from data breaches or cyber hacks. Data privacy and cybersecurity are at the forefront of today’s business concerns. Data breaches are not new; they have occurred since companies and individuals began storing private data in any form. Public data breaches are escalating as technology advances and electronic data grows exponentially. According to the Privacy Rights Clearinghouse, over 8,000 data breaches involving at least 10.3 billion records have been reported in the U.S. since 2005, including international breaches which affected individuals in the U.S. As use of the cloud for storing and sharing information continues to rise, the risk of data breaches increases.

The most common potential data breaches for businesses include:

  • Hacking
    • Stealing or misusing credentials – weak or stolen passwords
    • Phishing/malware/ransomware – clicking on email from unknown email address, clicking on an infected attachment or link, or accessing website that downloads malicious software
  • Software and network vulnerabilities – not keeping software applications and network systems updated
  • Accidental/inadvertent breach – not knowing or following data security protocols
  • Lost devices
  • Insider – careless or disgruntled employees/former employees or independent contractors with access to confidential data or whose access was not disabled upon termination
    • Social engineering
    • Business email compromise
    • CEO fraud
  • W2 fraud

CYBERSECURITY AWARENESS AND CYBERSECURITY - On Demand Video Webinar

Danna McKitrick recently joined Associated Industries of Missouri (AIM) in sponsoring a video webinar on cyber awareness and cybersecurity. A panel of cybersecurity specialists gave a 360° review of risk mitigation and incident response in cyberattacks. Information included how to protect your company data, employee data, and customer information from being hacked and what to do if your system is hacked.
 
To view the webinar, click below or go to https://youtu.be/0dfkN3GTsBA.



At Danna McKitrick, our Cybersecurity team assists clients to create and implement practical strategies and effective solutions to data privacy, usage, and cybersecurity protection obligations related to the client’s business and industry. Our team is experienced in health care law, intellectual property, telecommunications industries, and related regulatory requirements. We also engage other trusted providers including forensic firms, IT management companies, accountants, government officials (Secret Service and FBI), public relations experts, and insurance brokers.

HOW WE CAN HELP BEFORE A BREACH

Data Breach Data Protection and Cybersecurity

  • Data privacy and cybersecurity risk management
    • Risk assessments
    • Remediation recommendations (risk mitigation specialists)
  • Data protection and security policies, protocols, and procedures to bar unauthorized access to electronic and hard copy information
  • Audits of secure data processing procedures and protected transfer of personal information by cybersecurity team
  • Regulatory and statutory compliance and guidance: HIPAA/HITECH; COPPA; FACTA
  • Incident response policies and procedures, including identifying a list of cybersecurity experts and federal, state, and/or local authorities to be notified
  • Employee data privacy and cybersecurity training
  • Employee social media policies
  • Whistleblower guidelines
  • Privacy and cookies policies
  • Terms of use for company websites
  • Vendor negotiation
    • Contracts
    • Cybersecurity protection
  • Cybersecurity and privacy risks in M&A transactions
  • Analysis of cybersecurity insurance policies

HOW WE CAN HELP AFTER A BREACH

Data Breach or Compromise

  • Incident response coordination with designated personnel
  • Investigation of breach with a team of cybersecurity experts
  • Coordination with public relations
  • Notification obligations to state and local authorities, clients, vendors, and customers
  • Review/analyze information through forensic images, backups, and data; establish chain of custody
  • Compliance with U.S. and EU security incident and data breach response procedures
  • Defense of breach-related litigation
  • Coordination of insurance claims
  • Identification of revisions needed after data compromise or breach:
    • Incident response protocols and procedures
    • Data protection
Additional information: U.S. Department of Justice Cybersecurity Unit
 

Cybersecurity & Data Protection Attorneys

Ruth A. Binger | David R. Bohm | Laura Gerdes Long

© Danna McKitrick, P.C. Attorneys at Law

logo-footer

Disclaimer/Legal

Hosted on the FirmWisesm platform.