In our June 1, 2016 monthly webinar, special guest speaker Orus Dearman from Grant Thornton, LLP discussed cybersecurity and protecting your business from risk of data breaches.
Here are a few of the highlights:
Businesses of All Sizes are Vulnerable to Data Security Risks
It’s not a matter of if, but when. Businesses of all sizes are vulnerable to data security risks. Indeed, data breaches and other incidents are common, though typically only large companies or significant incidents make the headlines. Sources of risk and potential exposure include more than just your stereotypical “hacker.” Venders, service providers, and others who may have legitimate access to your business can pose a threat in addition to those with more devious intents. If a service provider does not keep your information secure, you are vulnerable.
Be Proactive, Not Reactive
The worst thing a company can do is nothing. Proactive steps and a planned response can save time, money, and good-will if an incident or breach occurs. These steps include assessing risk by knowing what information you have, where it is located or stored, and what information is “valuable.” Determining where you might be vulnerable – and taking steps to shore up those weak spots – goes a long way in protecting your business from a possible incident or breach. This includes evaluating yourself and your venders. Services are available to help assess cybersecurity risk points and prevent a problem first.
Have a Plan
You should have a plan in place for when (not if) an incident or breach occurs. This plan should name the players on your Response Team and outline what must be done, from preserving evidence and hardware to cooperating with any necessary law enforcement agencies to communicating with stakeholders (i.e., employees, customers, cardholders, etc. who might have had their confidential information exposed). Also, the plan should be practiced and periodically updated as necessary to ensure it is workable when it is time to act. Finally, it is very important to involve qualified legal counsel in this process – not just when an incident occurs, but in the planning and risk assessment stages.
THE NEXT SHLC MONTHLY WEBINAR
Join us on July 6 (NV) and July 7 (CA) for our next monthly webinars, our Mid-Year Employment Law Updates for California and Nevada employers.
Please visit https://suttonhague.com/events/ to view our entire 2016 webinar series. CDs and MP3 recordings of our webinars are available for purchase for $30! For more information you can email events@suttonhague.com.