BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Legal perspective: 6 key points on data breaches

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 10 Dec 2015 18:08:07 -0700
http://www.beckershospitalreview.com/healthcare-information-technology/legal-perspective-6-key-points-on-data-breaches.html

More than half of in-house counsel report their organizations are bumping
up their cybersecurity budgets, according to the Association of Corporate
Counsel Foundation's The State of Cybersecurity report.

The report gathered responses from more than 1,000 in-house counsels at 887
organizations in 30 countries. Respondents hold roles including chief legal
officer and general counsel. Here are six key points on data breaches from
the report.

1. More than half of respondents (57 percent) believe the legal department
will have a larger role to play in cybersecurity matters over the coming
year.

2. Of the lawyers who report being at a company that has experienced a data
breach, just 19 percent say the organization's cybersecurity insurance
policy fully covered the pursuant damages.

3. One-third of general counsels and chief legal officers report their
organizations have retained outside counsel in the case a cyberattack
happens.

4. Nearly half of in-house counsel who have worked for companies with 5,000
or more employees report they work or have worked at a company that
experienced a data breach.

5. Approximately three-fourths of respondents (74 percent) say minimal,
moderate or significant changes were made following a breach. Just 15
percent of respondents say their organizations made no changes.

6. Here are the top data breach causes, as reported by in-house counsel:

•    Employee error: 24 percent
•    Inside job: 15 percent
•    Phishing: 12 percent
•    Access through a third party: 12 percent
•    Lost laptop or device: 9 percent
•    Application vulnerability: 7 percent
•    Malware: 7 percent
•    Ransomware: 1 percent
•    Operating system vulnerability: Less than 1 percent

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: