Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Two Out of Three Companies Haven’t Reviewed Their Data Breach Plans

March 9, 2020

I guess no one is really surprised, right?

Legaltech®news reported on March 4 on the results of the "Seventh Annual Study: Is Your Company Ready for a Big Data Breach?" which was sponsored by Experian Data Breach Resolution and conducted by Ponemon Institute.

As the title indicates, two of three respondents have not reviewed/updated their data breach plans. Foolish of course, but predictable. You cannot set and forget cybersecurity. It is imperative to review and update the plans annually – things just move too darn fast.

What else aren't folks doing right? Employee training, mobile device security and securing data in the cloud.

Only 23% of respondents thought their organization was confident that it could minimize the financial and reputational consequence of a significant breach.

The study surveyed 650 professionals in the US and 456 in Europe/Middle East/Africa region. All the respondents are involved with data breach planning. Their jobs are in compliance, IT, privacy, and cybersecurity.

Other findings:

36% of respondents reported their organization had a ransomware attack in 2019 with only 20% feeling confident in their ability to deal with it. The average ransom was $6,128 and 68% of respondents say it was paid. I am assuming these were not the particularly dreadful attacks where data is infiltrated before it is encrypted, as the price tag there tends to be much higher.

Spear phishing attacks remain a huge problem, with 69% of respondents reporting one or more attacks and 67% saying the negative consequences of these attacks were very significant. Most of them might have been prevent with effective employee training.

Some 68% of respondents said their company has spent more time and money putting in place measures to detect and respond fast to a breach.

More organizations at 54% report they are compliant with the European Union's General Data Protection Regulation, compared with only 36% a year ago. That truly is great progress.

Now it's time to make sure those data breach preparedness plans are updated annually!

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Two Out of Three Companies Haven’t Reviewed Their Data Breach Plans

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer