Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Prepping a Mock Notification Letter Before a Cybersecurity Breach Hits
No one in the security industry should be surprised to know that the financial and reputational impact of a breach is severe. According to a recent Harris Poll, studies show that 75% of consumers won't do business with a company if they don't trust it to protect their data. If the incident involves the theft of more than 1 million records (known as a mega breach), it can be almost impossible to restore the confidence levels to what they were pre-breach. In 2017 alone, there were 16 mega breaches.
Being prepared for the worst before it even happens can minimize the damage in the event of a cybersecurity incident. To get any company ready for a cybersecurity event, the first step is to organize a team to write a mock breach notification letter. For this to be successful, you must shock the organization from the top down. Too many table tops and incident planning exercises start from the bottom up and do not represent the gravity of a beach — but not this. The product of this exercise, a simple letter, will represent your message to the world about your failure in the event you have a breach. It fundamentally provides the introduction of your problem to the world — how will you be judged?
Before Beginning the Exercise
While preparing to write your mock breach notification letter, you should be asking yourself the hard questions about what to do, what you will need, and who is responsible if your organization is the one to experience a significant data breach. Even though the actual details of the letter will differ depending on the actual incident, being organized and prepared will enable an organization's team to issue a real breach notification letter in a timely fashion. A rapid response can help solve the incident at hand and build back trust in the brand. Thematically auditors and lawyers will judge your decisions prior; however, your clients, customers, and partners will judge you on your response.
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
The DOJ's Corporate Enforcement Policy: One Year Later
The DOJ's Criminal Division issued three declinations since the issuance of the revised CEP a year ago. Review of these cases gives insight into DOJ's implementation of the new policy in practice.
Use of Deferred Prosecution Agreements In White Collar Investigations
This article discusses the practical and policy reasons for the use of DPAs and NPAs in white-collar criminal investigations, and considers the NDAA's new reporting provision and its relationship with other efforts to enhance transparency in DOJ decision-making.
How AI Has Affected PR
When we consider how the use of AI affects legal PR and communications, we have to look at it as an industrywide global phenomenon. A recent online conference provided an overview of the latest AI trends in public relations, and specifically, the impact of AI on communications. Here are some of the key points and takeaways from several of the speakers, who provided current best practices, tips, concerns and case studies.
New York's Latest Cybersecurity Commitment
On Aug. 9, 2023, Gov. Kathy Hochul introduced New York's inaugural comprehensive cybersecurity strategy. In sum, the plan aims to update government networks, bolster county-level digital defenses, and regulate critical infrastructure.