Tag Archives: 2017 Data Security Incident Response Report

Deeper Dive: Clapper Divide Expands In Data Breach Cases

As reported in our 2017 Data Security Incident Response Report, plaintiffs allege potential future harm as a basis for injury in 80 percent of data breach lawsuits. But are allegations of future harm sufficient to meet Article III’s cases-and-controversies requirement, specifically with regard to the injury-in-fact element of standing? Despite the prevalence of these allegations, … Continue Reading

Deeper Dive: Security Is a Big Deal for Big Data

In the rapidly expanding landscape of Internet-based data analytic services, companies across all industries with a significant online presence have faced or will face a data breach resulting from their collection and use of Big Data. As more consumer information is digitized and collected by companies for data analytics, the potential for cyberattacks also increases. … Continue Reading

Deeper Dive: Ransomware – WannaCry and the Future of Ransomware-as-a-Service

In our 2017 BakerHostetler Data Security Incident Response Report, we addressed the increasingly ubiquitous scourge of ransomware, one of the fastest-growing types of malware causing data security incidents. We noted that ransomware attacks have been steadily expanding in both frequency and severity, and that those trends seemed set to continue for the foreseeable future. Less than a … Continue Reading

Deeper Dive: Forensics

A company’s ability to quickly and efficiently conduct a forensic investigation is critical to limiting the impacts of a data security incident and determining the scope of the incident. In BakerHostetler’s 2017 Data Security Incident Response Report, we analyzed data from the more than 450 incidents we worked on in 2016. A forensic investigation occurred … Continue Reading

Deeper Dive: Implementing Basic Security Measures Can Stop Some Network Intrusions and Reduce the Damage From Others

In BakerHostetler’s 2017 Data Security Incident Response Report, we analyzed 104 network intrusion attacks that we helped our clients respond to last year. Such incidents typically occur when criminals find a weakness in a company’s internet-facing network, penetrate the network, conduct reconnaissance to find valuable data and export the data before they can be detected … Continue Reading

Deeper Dive: Incorporating Incident Response Into Disaster Recovery Plans

Incident response and disaster recovery are both essential components of a comprehensive written information security program. However, too often these plans are implemented in a vacuum, without considering the potential synergies and improvements that can be gained when such plans are developed, deployed and tested together. Incident response and disaster recovery tend to have the … Continue Reading

Deeper Dive: Security Incident Notification Under the New EU General Data Protection Regulation (GDPR)

As noted in the 2017 BakerHostetler Data Security Incident Response Report, the enactment of the EU General Data Protection Regulation (GDPR) represents the most significant change in European data protection law in more than 20 years. Coming into effect on May 25, 2018, the GDPR focuses on a number of core data protection principles and … Continue Reading

Deeper Dive: Be Prepared for Regulatory Investigations in the Wake of a Security Incident

Your company had a data security event. After an investigation, it was determined that notifications were required, and the incident was made public as a result. Notification letters were mailed and regulators were notified, all in accordance with the law. Your company also enhanced security measures and took other remedial action, so there is nothing … Continue Reading

Deeper Dive: Phishing/Hacking/Malware Attacks Remain Leading Cause of Security Incidents

During 2016, our BakerHostetler privacy and data protection team worked on data security incidents across virtually all industries. For the second year in a row, phishing/hacking/malware attacks have accounted for the largest percentage of incidents handled by our team. Specifically, security incidents arising from phishing/hacking/malware made up 43 percent of all security incidents we handled … Continue Reading

Deeper Dive: Protecting Paper Records

Our third annual BakerHostetler Data Security Incident Response Report analyzes the more than 450 data security incidents we led clients through in 2016, and includes a number of interesting trends relating to the causes of incidents, how companies are identifying and responding to incidents, and the regulatory and litigation trends after an incident is disclosed. … Continue Reading

Deeper Dive: Frequency and Severity

All industries are affected by cyberattacks, but how often and to what extent they occur vary greatly by industry type. Industry Type As for frequency, the healthcare industry in 2016, for the third year in a row, saw the greatest number of incidents and by a wide margin. Specifically, about 35 percent of the incidents … Continue Reading

Be Compromise Ready: Go Back to the Basics

We are excited to release our third annual BakerHostetler Data Security Incident Response Report. This report analyzes the more than 450 data security incidents we led clients through in 2016. Companies continued to experience incidents at a record pace, and we expect this will continue through 2017. We have received more calls to our breach … Continue Reading
LexBlog