New Year, New Challenges

Share on facebook
Share on google
Share on twitter
Share on linkedin
Happy New Year
January 2, 2019
2019 Happy New Year
It’s 2019 and we’re set for another very interesting year in the world of cybersecurity.  Below are some thoughts on what 2019 will bring for your business around security and privacy.
Differentiation
Cybersecurity is a differentiator  
Consumers and businesses have had breach fatigue for years.  In 2019, they will choose to do business with companies that make a public commitment to their data security and privacy.  Apple is providing leadership in this area.  Companies that commit to their cybersecurity program can not only provide better assurances to their customers around data protection, they can use their increased maturity to up-sell services and features around this increased capability.
Incident Response
Incident Response maturity must increase
Increasing regulation means that incident reporting requirements are becoming more strict.   The GDPR regulation mandates a 72-hour reporting requirement following the awareness of a breach.   It is extremely difficult and unlikely that your company will understand the details of a breach within 72 hours, which could lead to reputational damage.  This was illustrated with Facebook’s disclosure of a breach in September of 2018.  Facebook initially stated that 50 million users were affected, it then reduced that number to 29 million.  The requirement to report breaches without full knowledge of the scope and impact means that incident response programs are becoming increasingly important. 
Chain Break
Cyber due diligence is on the rise  
Proper cybersecurity is finally being recognized as a factor in M&A deals for financial institutions.  Yahoo’s breach disclosure during the Verizon acquisition, which led to a price reduction of $350 million, illustrated the importance of determining what risks might exist before a company acquires another entity.  The SEC has provided guidance around cybersecurity risks, so expect this to become a focus area if you are attempting to get funding.
Data Privacy
Data Privacy can no longer be ignored
Regulations like the California Consumer Privacy Act and Vermont’s data broker law are just the beginning of an inevitable increase in legislative action around privacy.  Enforcement of the EU GDPR (and respective fines) will increase in 2019.
lou@cdg.io

lou@cdg.io

Incident Response

If you think you have been the victim of a cyber attack, contact us right now.

  • Determining the extent of a breach
  • Performing a full-scope response from Identification to Recovery
  • Incident Response retainer services, including IR preparation for your team

Contact CDG

We mobilize and launch a complete investigation of any suspected incident within 24 hours.

  • Determining the extent of a breach
  • Performing a full-scope response from Identification to Recovery
  • Incident Response retainer services, including IR preparation for your team