The COVID-19 pandemic has brought the issue of cybersecurity front and center for general counsel worldwide. The FBI has seen a 400% increase in the number of cyber complaints compared to the time before the pandemic. It is estimated that there are between 20,000 and 30,000 phishing attacks per day in the United States. Before the pandemic, those attacks numbered in the dozens per day.
And it’s not just cyberattacks that should be keeping general counsel up at night. The amount and kinds of information being collected and saved and new privacy laws are changing priorities for the management of data. A recent webcast put together by Exterro and featuring security experts Daniel Sholler, Michael Rasmussen, and Matthew Miller narrowed in on the major areas that counsel should focus on in 2021.
The increase in data breaches brings with it an increase in liability for companies. Protecting against data breaches should now be a collaborative effort across different departments, not just the responsibility of general counsel. Strong tech, of course, is a necessity to protect a network. But just as important are strong remediation efforts including the ability to show proper data management practices have been followed. It is critical for a company to have a highly scripted, automatic response plan in the case of a data breach. Fast action is essential, and this needs to be a cross departmental effort.
The experts agree that proper management of data is key to minimizing risk. Companies should not hold onto data that they don’t need. Data going back decades can be more harmful than helpful. It is essential for firms to know what data they have and to index it so that it can be accessed when needed. That exigency may come by way of a data breach, government compliance, discovery requests, or other issues.
Another practical issue that should be addressed, that has become more significant in the age of COVID, is the sharing of data with third parties. Companies need to maintain control over their firewall-protected data after it is shared and thus moved over their protective firewall. There are now next-generation tools to help companies maintain control of this data. One place that companies fail in maintaining control of their data is “offboarding.” These tools will also help companies to make sure they shut all doors when someone leaves the organization.
The experts stress this new world of data protection must be a collaborative effort engaging all departments. It also must involve an organized approach that keeps track at all times of a company’s data in order to minimize risk and exposure.