Data Breach Response Guide - 2017-2018 Editionby Experian | Experian Data Breach Resolution | 11/07/2017
As the number of cyber threats facing organizations continues to grow and regulations become increasingly prescriptive, companies need more than just a generic plan that sits on the shelf. Instead, they need a thorough data breach response plan that is regularly updated and practiced, ensuring effectiveness. Whether it is a few thousand or a few million records compromised, the need for a comprehensive plan remains the same.
According to the Identity Theft Resource Center (ITRC), there were 1,091 reported U.S. data breaches in 2016 across all industries, exposing more than 36 million records. A record-high year, 2016 saw a 40 percent increase from the 780 reported breaches in 2015. This year, as of September 13, there have already been 1,002 data breaches, with more than 163 million exposed records.
“Since we started tracking data breaches in 2005, we have witnessed a steady increase in events year after year. Given the current landscape, it’s no longer a question of ‘if’ your company will be attacked but ‘when.’ Therefore, it’s crucial that every company take the necessary steps to not only train its employees on cybersecurity best practices, but to also have a plan of action in place should it become a victim of such an attack.” – Eva Velasquez, ITRC CEO & President.
In this reality, it goes without saying that the data breach response plan has become a critical component of doing business in the modern era. For companies who have yet to create one – or need a refresh – this guide illustrates how to best create, implement and refine a comprehensive data breach response plan for the security challenges that lie ahead.
To read more, please log in
The California Consumer Privacy Act and the Future of Privacy Law in the US
A Q&A with Jon Neiditz of Kilpatrick Townsend & Stockton LLP
Passed in 2018 and slated to go into effect January 2020, AB 375 or The California Consumer Privacy Act (CCPA) was created to give consumers better ownership and control over their personal data but opens up a world of compliance questions for businesses that sell such data. We spoke with Jon Neiditz, who co-leads the Cybersecurity, Privacy and Data Governance practice at Kilpatrick Townsend and Stockton LLP about the Act and its implications for the future of privacy regulation.