A recent article in the Detroit News reported that a number of major automakers, including General Motors, Fiat Chrysler, Volkswagen and others, were hit by a massive data breach that exposed manufacturing secrets, robotic configurations, business contracts and more. Ironically, the breach also exposed dozens of non-disclosure agreements.
The article noted that “the supply chain has become the weakest part of data privacy” and suggested that “companies that spend millions a year on cybersecurity can still be exposed by a vendor who handles their data.”
Most organizations focus – rightly – on sensitive personal information that they hold. This could be customer information or employee information. But, these recent breaches demonstrate that companies need to maintain a broad awareness of the type of data that are attractive to hackers. These cyber breaches can cost a company millions of dollars to say nothing of the potential reputational damage. According to IBM, the average cost of a security breach was $5.85 million in 2014 and grew to $7.35 million by 2017. That’s the average. The U.S. National Cyber Security Alliance found that 60% of small businesses (less than 100 employees) were unable to sustain their businesses over six months after a cyberattack. This is a serious problem and no network is completely safe.
That is why it is so critical to have a plan in place and ready in the event that your company falls victim to a cybersecurity hack. How do you ensure that your contracts sufficiently address the liability issues around a data breach? How do you inform and protect your customers or others affected by the security incident? How do you handle the resultant legal issues? How do you determine the cause and protect against it happening again? How do you balance data protection with accessibility?
While experts agree that no network is completely safe and the issue with cybersecurity is one of risk management as opposed to risk elimination, they also agree that having a plan in place is critical to effectively recovering from an attack. Warner’s Cybersecurity and Privacy team is experienced on the subject and can help you draft or update your incident response plan before an attack happens. In the unlikely and unfortunate event that your company suffers a cybersecurity attack, it could be the best investment you will ever make.
Learn more about protecting your company before and after a potential cybersecurity event. This is a business-critical area where Warner has been staying ahead of the curve.