Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comFirm Insights
Data Breach Can Be Prepared For And Stopped When it Comes Your Business
Author: Scarinci Hollenbeck, LLC
Date: May 22, 2013
Key Contacts
Back
Last month, Associated Press’ Twitter account fell victim a data breach after hackers sent a fake tweet from their account referencing an explosion at the White House.
The tweet caused the Dow Jones Industrial Average to plunge more than 100 points within seconds.
This latest incident highlights not only how disruptive a data breach can be, but also how easily they can be orchestrated. The attack has been linked to an ongoing spear phishing scheme that targets Twitter users’ corporate email accounts.
Despite these high profile attacks, a recent report by the Ponemon Institute and Experian Data Breach Resolution suggests that many companies still have significant gaps in their data security procedures.
The study, which surveyed 471 compliance, privacy, and IT personnel at U.S. companies, identified the following practices as creating the potential for a significant data breach:
- BYOD is permitted without security testing. Seventy-eight percent say their organizations allow employees to bring their own mobile devices such as laptops, tablets and smart phones (BYOD) to the workplace. However, 61 percent say their organization does not require or they are unsure that mobile devices should be tested for security prior to connecting to networks or enterprise systems.
- Lack of effective access and authentication practices could enable improper access to personal information. Less than half (44 percent) of respondents say that their organization is effective in authenticating and making sure that only the appropriate employees and contractors have access to its information systems. Moreover, only 43 percent say their organization promptly changes access rights of employees and contractors when they change jobs or are terminated.
- Encryption is not widely deployed. Less than one-third of respondents say sensitive or confidential personal and business information stored on computers, servers and other storage devices generally encrypted.
- Monitoring information systems for unusual or anomalous traffic does not regularly occur. Only one-third of respondents say their organizations are taking such preventative measures as monitoring for potential risks to the network and enterprise system.
As we have previously highlighted on this Business Law Blog and on our companion blog eWhite House Watch, effective data security policies and procedures are essential for businesses of all sizes. Failing to have the proper protections in place will not only hurt your company’s reputation, but also may impact your bottom line.
If you have any questions about this study or would like assistance with your data theft prevention efforts, please contact me, Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work.
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Related Posts
See all
Does Your Homeowners Insurance Provide Adequate Coverage?
Your home is likely your greatest asset, which is why it is so important to adequately protect it. Homeowners insurance protects you from the financial costs of unforeseen losses, such as theft, fire, and natural disasters, by helping you rebuild and replace possessions that were lost While the definition of “adequate” coverage depends upon a […]
Author: Jesse M. Dimitro
Understanding the Importance of a Non-Contingent Offer
Making a non-contingent offer can dramatically increase your chances of securing a real estate transaction, particularly in competitive markets like New York City. However, buyers should understand that waiving contingencies, including those related to financing, or appraisals, also comes with significant risks. Determining your best strategy requires careful analysis of the property, the market, and […]
Author: Jesse M. Dimitro
Fred D. Zemel Appointed Chair of Strategic Planning at Scarinci & Hollenbeck, LLC
Business Transactional Attorney Zemel to Spearhead Strategic Initiatives for Continued Growth and Innovation Little Falls, NJ – February 21, 2025 – Scarinci & Hollenbeck, LLC is pleased to announce that Partner Fred D. Zemel has been named Chair of the firm’s Strategic Planning Committee. In this role, Mr. Zemel will lead the committee in identifying, […]
Author: Scarinci Hollenbeck, LLC
Novation Agreement Process: Step-by-Step Guide for Businesses
Big changes sometimes occur during the life cycle of a contract. Cancelling a contract outright can be bad for your reputation and your bottom line. Businesses need to know how to best address a change in circumstances, while also protecting their legal rights. One option is to transfer the “benefits and the burdens” of a […]
Author: Dan Brecher
What Is a Trade Secret? Key Elements and Legal Protections Explained
What is a trade secret and why you you protect them? Technology has made trade secret theft even easier and more prevalent. In fact, businesses lose billions of dollars every year due to trade secret theft committed by employees, competitors, and even foreign governments. But what is a trade secret? And how do you protect […]
Author: Ronald S. Bienstock
What Is Title Insurance? Safeguarding Against Title Defects
If you are considering the purchase of a property, you may wonder — what is title insurance, do I need it, and why do I need it? Even seasoned property owners may question if the added expense and extra paperwork is really necessary, especially considering that people and entities insured by title insurance make fewer […]
Author: Patrick T. Conlon
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Data Breach Can Be Prepared For And Stopped When it Comes Your Business
Author: Scarinci Hollenbeck, LLC
Last month, Associated Press’ Twitter account fell victim a data breach after hackers sent a fake tweet from their account referencing an explosion at the White House.
The tweet caused the Dow Jones Industrial Average to plunge more than 100 points within seconds.
This latest incident highlights not only how disruptive a data breach can be, but also how easily they can be orchestrated. The attack has been linked to an ongoing spear phishing scheme that targets Twitter users’ corporate email accounts.
Despite these high profile attacks, a recent report by the Ponemon Institute and Experian Data Breach Resolution suggests that many companies still have significant gaps in their data security procedures.
The study, which surveyed 471 compliance, privacy, and IT personnel at U.S. companies, identified the following practices as creating the potential for a significant data breach:
- BYOD is permitted without security testing. Seventy-eight percent say their organizations allow employees to bring their own mobile devices such as laptops, tablets and smart phones (BYOD) to the workplace. However, 61 percent say their organization does not require or they are unsure that mobile devices should be tested for security prior to connecting to networks or enterprise systems.
- Lack of effective access and authentication practices could enable improper access to personal information. Less than half (44 percent) of respondents say that their organization is effective in authenticating and making sure that only the appropriate employees and contractors have access to its information systems. Moreover, only 43 percent say their organization promptly changes access rights of employees and contractors when they change jobs or are terminated.
- Encryption is not widely deployed. Less than one-third of respondents say sensitive or confidential personal and business information stored on computers, servers and other storage devices generally encrypted.
- Monitoring information systems for unusual or anomalous traffic does not regularly occur. Only one-third of respondents say their organizations are taking such preventative measures as monitoring for potential risks to the network and enterprise system.
As we have previously highlighted on this Business Law Blog and on our companion blog eWhite House Watch, effective data security policies and procedures are essential for businesses of all sizes. Failing to have the proper protections in place will not only hurt your company’s reputation, but also may impact your bottom line.
If you have any questions about this study or would like assistance with your data theft prevention efforts, please contact me, Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work.