Since data breaches are inevitable, cyber insurers will increasingly force companies to find ways of mitigating the impact of these breaches. Some of these efforts will be the voluntary implementation of best practices. For example, companies would be well advised to protect their most sensitive data with advanced encryption technology which can safeguard any data stolen or compromised in a breach by rendering it unusable to the attacker.
However, companies will increasingly face legal mandates to formalize their responses to data breaches. Already, 47 states have enacted legislation requiring companies to notify individuals of security breaches of information involving personally identifiable information. The federal government has also recently introduced legislation that would create a national data breach law. With disclosure mandates becoming unavoidable, companies should proactively focus not just on protecting their most critical assets, but also on developing notification protocols that can be rapidly implemented once breaches have been identified.
Add your comments to our Facebook page.
RELATED: Why doesn’t my cybersecurity insurance cover that?