“There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again.”
- Robert Mueller, FBI Director, March 2, 2012
Hodgson Russ attorneys understand the privacy and cybersecurity risks that businesses face every day, threats that include the theft of data or intellectual property, the loss of a laptop, the mistaken release of a customer’s personal information, or even a cyberattack, causing a data breach, business interruption, and damage to your hard-earned reputation.
Today every company, whether a family business or a Fortune 500 corporation, is increasingly a target of these threats. Last year alone, cyberattacks and data breaches increased 42 percent, with 31 percent of all breaches occurring in businesses of fewer than 100 employees. The expense of dealing with this type of event can be staggering: the average cost of a data breach is $5.4 million—and this doesn’t include the costs of defending a regulatory investigation or a class-action lawsuit alleging damages as a result of the breach.
Through sophisticated cyber-protection planning, data-breach coaching, and defense of clients’ interests in court—along with leveraging our extensive information technology experience and our contacts in government, industry, and law enforcement—Hodgson Russ’s Privacy, Data Breach & Cybersecurity Practice Group offers the legal solutions, experience, and judgment needed to manage the evolving, complicated cyber risks in today’s marketplace.
To safeguard your business, Hodgson Russ will help develop a comprehensive cyber-protection plan around the following key objectives:
- Complying with privacy and breach-notification laws, including Dodd-Frank, Gramm Leach Bliley, the EU Privacy Directive, and state laws
- Responding to the National Institute of Standards & Technology’s (NIST’s) Cybersecurity Framework, released in February 2014
- Developing, implementing, and updating a cybersecurity plan
- Ensuring your business is covered by adequate cyber-liability insurance, including first-party coverage for data-breach costs and third-party coverage for lawsuits
Even the best preparation won’t prevent every mistake, data breach, or cyberattack. When the inevitable breach occurs, Hodgson Russ attorneys provide “breach coach” services, helping clients take immediate steps to contain, investigate, and remediate the breach; comply with all applicable breach-notification laws; and communicate with crisis managers, federal and state authorities, and law enforcement as necessary to protect the business and everyone affected by the breach.
Defending Clients’ Interests
Unfortunately, and even as your business suffers its own losses after a data breach, you may find yourself responding to inquiries or investigations by the FTC, SEC, or other state and federal regulatory authorities. Your business may be sued by these authorities or by consumers or investors in a class-action lawsuit seeking damages and other relief. Our experienced litigation team will fight hard to protect your business and legal interests. And in doing so, we’ll be sensitive to the fact that you’re still running a business, keeping our fees and costs reasonable and ensuring that we use only the time and resources we absolutely need to achieve your objectives.
- Advised Municipality in Cyber Threat Risk Management
- Counseled Insurer on Scope of Coverage Available for Cyber Claim Involving Customer Information Theft
- Financial Institution Data Breach Analysis and Breach Notification
- Represented Retailer in Submission of Cyber Insurance Claim, Demand for Indemnification
- Buffalo Law Journal, March 7, 2016
- Buffalo Business First, May 29, 2015
- Wall Street Journal, December 19, 2014
- Press Release, May 1, 2014
- The Harvard Club, 35 W. 44th Street, New York, NY, Summer 2015
- Buffalo, NY, June 12, 2014
- New York, NY, January 23, 2014
- Privacy, Data Breach & Cybersecurity Alert, February 10, 2015
- Buffalo Law Journal, October 6, 2014
- PrivacyRisksAdvisors.com, August 13, 2014
- JD Supra, May 1, 2014
- Legal & Tax Newsletter, March 2014
- Security, February 2014
- JD Supra, December 30, 2013