“There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again.”

- Robert Mueller, Former FBI Director, March 2, 2012

Hodgson Russ attorneys understand the privacy and cybersecurity risks that businesses face every day, threats that include the theft of data or intellectual property, the loss of a laptop, the mistaken release of a customer’s personal information, or even a cyberattack, causing a data breach, business interruption, and damage to your hard-earned reputation.

Today, every company, whether a family business or a Fortune 500 corporation, is increasingly a target of these threats. Last year alone, cyberattacks and data breaches increased 42 percent, with 31 percent of all breaches occurring in businesses of fewer than 100 employees. The expense of dealing with this type of event can be staggering: the average cost of a data breach is $5.4 million—and this doesn’t include the costs of defending a regulatory investigation or a class-action lawsuit alleging damages as a result of the breach.

Through sophisticated cyber-protection planning, data breach remediation and response services, and defense of clients’ interests in court—along with leveraging our extensive information technology experience and our contacts in government, industry, and law enforcement—Hodgson Russ’s Data Security & Privacy Practice offers the legal solutions, experience, and judgment needed to manage the evolving, complicated cyber risks in today’s marketplace.

Cyber-Protection Planning

To safeguard your business, Hodgson Russ will help develop a comprehensive cyber-protection plan around the following key objectives:

• Complying with privacy and breach-notification laws, including Dodd-Frank, Gramm Leach Bliley, the EU Privacy Directive, and state laws
• Responding to the National Institute of Standards & Technology’s (NIST’s) Cybersecurity Framework, released in February 2014
• Developing, implementing, and updating a cybersecurity plan
• Ensuring your business is covered by adequate cyber-liability insurance, including first-party coverage for data-breach costs and third-party coverage for lawsuits

Data Breach Remediation and Response Services

Even the best preparation won’t prevent every mistake, data breach, or cyberattack. When the inevitable breach occurs, Hodgson Russ attorneys provide breach remediation and response services, helping clients take immediate steps to contain, investigate, and remediate the breach; comply with all applicable breach-notification laws; and communicate with crisis managers, federal and state authorities, and law enforcement as necessary to protect the business and everyone affected by the breach.

Defending Clients’ Interests

Unfortunately, and even as your business suffers its own losses after a data breach, you may find yourself responding to inquiries or investigations by the FTC, SEC, or other state and federal regulatory authorities. Your business may be sued by these authorities or by consumers or investors in a class-action lawsuit seeking damages and other relief. Our experienced litigation team will fight hard to protect your business and legal interests. And in doing so, we’ll be sensitive to the fact that you’re still running a business, keeping our fees and costs reasonable and ensuring that we use only the time and resources we absolutely need to achieve your objectives.