Businesses of every size are increasingly the targets of cybersecurity breaches, ransomware attacks and other online scams. It is no longer just big companies or obvious targets that draw the attention of cyber criminals. Recently, the City of Lafayette suffered a cyberattack that shuttered its online services for days and forced it to pay a ransom to gain access to its own systems and resume operations. What happened to Lafayette could easily happen to any organization. 

As commercial life has moved online, data breaches and cyberattacks have surged, affecting organizations large and small across the world, including big names like Twitter and Garmin. Industry groups estimate that the average cost of responding to a ransomware attack is as much as $730,000. Rudy Verner, head of Berg Hill Greenleaf Ruscitti’ s Privacy & Data Security practice group, says that “the costs of dealing with data breaches and cyberattacks go far beyond lost revenue and ransom payments. Even when companies have insurance in place to pay for these events, public perception, customer and partner confidence, and regulatory risks compound the harm a data breach or cyberattack can do to a business.”

Businesses have found their daily operations suddenly transformed online as communities across the globe sheltered in place in response to the pandemic, forcing offices and operations to go virtual with workers at home. Many businesses did not have a plan in place or fully anticipate the risks associated with expanded online operations. Data security is now crucial to every organization doing business online, as even small hiccups can paralyze a company’s operations.

Executives and company leaders may be overwhelmed by the risks and obligations their companies now face and find themselves struggling to address these issues without impacting operations. Dealing with privacy and data security hazards doesn’t just involve strong passwords and secure servers, but understanding the unique obligations the law imposes on the kinds of data a business collects, managing personnel access to information, and ensuring that comprehensive processes are in place to reduce risk and mitigate a crisis.

BHGR’s Privacy & Data Security practice group works with organizations of all sizes and industries to identify their privacy and data security needs, implement practical solutions to manage privacy and security in their day-to-day operations, and respond to breaches and cyberattacks when they occur. BHGR attorneys work with companies to procure cyber liability insurance, negotiate data protection agreements, assist with data breach preparedness and cyber incident response, and handle litigation related to privacy and data security.

If you have any questions regarding how your organization can ensure its privacy and data security practices are up-to-date, manage its transition to an online workforce, respond to a potential data breach, or any other privacy and data security needs, please contact BHGR’s Privacy & Data Security practice group.

Authors: Jacob Scarr, Rudy E. Verner