Cybersecurity litigation risks: 4 top concerns for CISOs | #cybersecurity | #cyberattack


The threat of litigation is enough to keep any business leader up at night, and the increasing prevalence of data protection, privacy, and cybersecurity legislation and regulation is piling on the pressure for CISOs.

According to Norton Rose Fulbright’s latest Annual Litigation Trends Survey of more than 250 general counsel and in-house litigation practitioners, cybersecurity and data protection will be among the top drivers of new legal disputes for the next several years. Two-thirds of survey respondents said they felt more exposed to these types of disputes in 2021, up from less than half in 2020, while more sophisticated attacks, less oversight of employees/contractors in remote environments, and concerns about the amount of client data were all cited as mitigating factors.

Clearly, the risks of litigation are very real for CISOs and their organizations, but what are the greatest areas of concern and what can they do about it?

Data breaches draw lawsuits

In the last 18 months to two years, the chances of an organization facing litigation following a data breach have increased significantly, particularly when a company is perceived to have not handled a breach well, says lawyer and Cordery partner Jonathan Armstrong, who specializes in technology and compliance legal matters. “With a big data breach now, litigation is a probability, not a possibility,” he adds.

While propensity for legal action varies by geography, the continuing scale of cyberattacks has resulted in more explicit assertions from government, industry, and regulatory bodies on what constitutes poor security, opening the door to more legal action, Alex Jinivizian, vice president strategy and corporate development at eSentire, tells CSO. “Some of the most high-profile data breaches—Equifax, Marriott, Target, the U.S. Office of Personnel Management—resulted in significant lawsuits against those companies related to losses of confidential employee or customer data caused by poor standards around security hygiene,” he says.

The implications can be considerable for businesses, Armstrong warns. “Damages sought in different cases are high at the moment. As just one example, TikTok is facing an action in the Netherlands for €1.5bn, and there are similarly high value claims in other countries, too, including the UK and Germany. Data related litigation has been a feature of U.S. corporate life for many years as well.”

Copyright © 2022 IDG Communications, Inc.



Original Source link

Leave a Reply

Your email address will not be published.

− four = five