Cybersecurity and data protection are issues of increasing concern for corporations, financial institutions, health care and other organizations. Regulatory noncompliance, financial and operational disruption, and legal and reputational damage are all real and growing risks for organizations that store and manage key data on networks that can be compromised by cybercriminals.
Despite the fact that all organizations, regardless of size, are at risk of a cyber-attack, few have prevention measures in place, or have planned for how they would respond in the event of an attack. Foster Swift helps clients prevent a data breach, and mitigate the damage when one has already occurred.
We also help clients understand and comply with the myriad state and federal statutes and regulations that implicate IT and cybersecurity issues, including Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act, the Fair and Accurate Credit Transactions Act (FACTA), the Telephone Consumer Protection Act (TCPA), CAN-SPAM, the Electronic Communications Privacy Act (ECPA), the Children’s Online Privacy Protection Act, the Fair Credit Reporting Act (FCRA), the Federal Trade Commission Act, Sarbanes-Oxley, and states' breach notification laws, to name a few.
The members of our cybersecurity team have extensive experience counseling and advising clients in all aspects of cybersecurity and data protection. Because cybersecurity is a complex issue that requires an interdisciplinary approach, we team with outside information technology experts in connection with both prevention and breach response issues.
Preparation, Prevention and Response
We help clients put in place multi-dimensional procedures and best practices to prevent cyber-attacks.
- Planning - We help companies develop or improve data security practices in order to lower the risk of a data breach and to prepare the company to respond if a breach occurs.
- Training - A company’s workforce is the frontline of cybersecurity. Many “phishing” and malware attacks target a company’s employees, so we work with clients to ensure that employees are trained and informed about important cybersecurity issues.
- Audits - We help clients conduct privacy and security assessments in order to minimize the risk of a breach and to position the company to respond if a breach occurs.
- Policies - The best defense against a data breach is an informed and unified workforce. We help clients implement policies that require employees, as well as outside vendors, to use best practices to safeguard data and systems.
- IT - We have relationships, and work closely with, a team of sophisticated IT specialists and consultants in order to help clients assess and make adjustments to critical IT infrastructure.
- Insurance - We help clients understand whether there are any gaps in their cyber insurance coverage, and help those without cyber coverage analyze new products and negotiate cyber insurance policy placements.
While preparation is the best defense against a data breach, incidents happen - even to the best prepared companies. We have experience advising companies in responding to breaches. Working with IT experts, we help companies identify the source and scope of a breach, and assess their legal and regulatory responsibilities, including managing notifications required to various constituents and government agencies.
Recent Blog Posts
- SEC-Regulated Companies Should Address Cybersecurity to Avoid Enforcement Risks
- Are Boards of Directors Responsible for Cybersecurity?
- How are Businesses Preparing for Proposed Federal Data Privacy Legislation? Part One: Understanding Current Proposals
- Cybersecurity and Data Privacy Considerations in Due Diligence
- Why Public WiFi is a Health Hazard
- Ohio Enacts Unique Safe Harbor to Reduce Data Breach Litigation Risks
- Legal Essentials: Shifting Focus to Data Protection, Cybersecurity and Vendor Management
- Legal Essentials: An Introduction to Data Privacy, Cybersecurity and Third Party Vendor Management
- Cybersecurity Concerns in Health Care
- GDPR Has Arrived and My Company Isn't Ready. Now What?
Publications & Alerts
- Avoid Foreign Hackers in 2019, November 2018 Finance Real Estate & Bankruptcy Law News, November 19, 2018
- Tax Return Scam Alert: Updates for 2018, Foster Swift Business & Corporate Law News E-Blast, February 22, 2018
- Business Lessons Learned from the Equifax Breach: Week Two, Business & Corporate September 2017 E-Blast, September 25, 2017
- Hacked: Equifax Breach Leaves Millions of Consumers Vulnerable, Business & Corporate September 2017 E-Blast, September 8, 2017
- It's Not 'If', It's 'When', Greater Lansing Business Monthly, August 8, 2017
- Including IT in your Agribusiness Strategic Planning Efforts, Foster Swift Agricultural Law News, January 30, 2017
- Foster Swift Elects New Shareholders, Lansing Regional Chamber, January 21, 2019
- You've Been Breached! An Interactive Incident Response Simulation, Presented by SIKICH, March 19, 2019
- Cyber-Security: It's Not If, It's When, October 4, 2017
- Cyber-Security: It's Not If, It's When, May 3, 2017