Do you have what the courts view as "Reasonable Cyber Security" ?
Cyber Security laws are constantly evolving to make Cyber Security an obligation that goes in hand with customer data and privacy protection requirements. With all the new types of breaches and security threats changing daily there is more confusion about liability.
According to the 2018 Thales Data Threat Report security breaches are up:
“More than a third (36%) of global firms were breached last year, up considerably from 26% in 2017 and 20% in 2016. The U.S. was even more dire, with 46% of U.S. firms polled reporting being breached last year having nearly doubled – from 24% last year. “
What exactly is Reasonable Cyber Security?
Watch the complete interview with cybersecurity and data privacy attorney Shawn Tuma, of Spencer Fane, LLP at SecureWorld Dallas.
Here is one of his key points:
“Reasonableness is defined by your company itself, and that’s where you have to start, with a risk assessment…you have to prioritize it and implement a plan…no one can do everything at once and no one expects that…and when you can show you’ve done those things and you’ve made legitimate efforts to combat the risk your company faces, even when you do have an incident it makes you look so much better…”
This is just a high level overview of what Reasonable Cyber Security really looks like an how it can lower liability after an incident.
What should your company be doing?
Shawn also told SecureWorld that in 2018 Courts are really getting good at determining whether your business really cares about Cyber Security and has tried to put measures in place to help prevent attacks and breaches.
In the event of a breach you must be able to present your steps toward preventing it with “Reasonable Cyber Security”.
Watch part two of Shawn’s interview to hear what, at minimum, you must be doing to secure your business.
Schedule a consult today with one of MTSi’s IT Security Experts!