SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community

CHANNEL BY TOPICS


QUICK LINKS




Legal Action - A Growing Threat
» More Security Feature Articles

Security Featured Article


March 09, 2009

Legal Action - A Growing Threat

By Kevin G. Coleman, Certified Management Consultant and Strategic Advisor with the Technolytics Institute


Today most business records are electronic. The attacks on the information infrastructure of businesses coupled with the theft of intellectual property and corporate data are not new! The $1 trillion annual price tag (News - Alert) associated with IP and data theft has now put this issue front and center. What is new is the attention these security events are getting from Capitol Hill and the legal community. A survey released in February of this year by the Ponemon Institute sponsored by Symantec (News - Alert) found 59 percent of people who leave or are asked to leave their job are stealing data. According to the survey only 15 percent of corporations are doing any kind of review of documents being taken. This is typical of the lack of attention corporations are giving to their information assets; however current activities suggest that things are about to change.

 
Current economic conditions have pressured organizations to cut IT costs and security has not escaped the cutting. One study found that over ninety percent of the CIOs believed that vital company information is more vulnerable because of current economic conditions. A data breach is now a material event for organizations and a foreseeable risk. As a foreseeable risk, organization that fail to recognize the risk of data theft and take steps to mitigate this risk, could face legal claims of negligence and more. Currently about 40 states have laws requiring companies to provide notice to individuals of a data security breach. In some cases companies must also notify regulators of these events as well. If that is not bad enough, if you do business internationally, you have even more regulations to abide by when it comes to data breaches.
 
Just recently, several banks and credit unions have begun suing Heartland Payment Systems over its data breach that was disclosed about eight weeks ago. This plus all the class action suits that represent individuals that have had their personal data compromised are clear indications of the growing legal troubles that companies can find themselves in when a data breaches occurs. Last week I was contacted and asked if I would be interested in putting together a one day seminar for the legal community that addresses cyber attacks, data breaches and the behind the scene insight attorneys need to successfully litigate charges of negligence in data breach cases. After about an hour conversation I had identified the top five areas of interest.
 
Common data security mistakes and shortcomings of corporate IT departments
  • Insider threats and corporate data theft
  • Cut backs in IT budgets and the impact on data security
  • Separation of duties issues and common reporting conflicts
  • Third-party relationships that create security issues
 
In the end, it’s time for a wake-up call. The legal community is gearing up and preparing to do battle with organizations that experience a data theft or security breach. All things being considered, the costs increase the level of security and defend against a cyber attack is far less than the All-In-Costs associated with falling victim to a data thief.
 
INTEL     In February not one but three law firms filed class-action lawsuits against RBS Worldpay, the U.S. payment processing arm of the Royal Bank of Scotland.
INTEL     The Veterans Affairs Department recently agreed to pay $20 million to veterans for exposing them to possible identity theft in 2006 by losing their sensitive personal information.
INTEL     The hard financial costs due to fraud, lawsuits from aggrieved parties, and other longer factors are increasing significantly. The 2008 per record cost of data breaches in the UK has risen 127% over the previous year.
 

Kevin G. Coleman, a consultant and advisor with Technolytics Institute, writes the Data Security column for TMCnet. To read more of Kevin’s articles, please visit his columnist page.

Edited by Greg Galitzine


» More Security Feature Articles







Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: [email protected].
Comments about this site: [email protected].

STAY CURRENT YOUR WAY

© 2024 Technology Marketing Corporation. All rights reserved | Privacy Policy