The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Surveys

  • From Vol. 2 No.23 (Nov. 16, 2016)

    Increasing Role of Counsel Among Operational Shifts Highlighted by Cyber Risk Management Survey

    As companies become more aware of the complexities of cyber risk, they are approaching not only preventative measures more collaboratively, but also risk management and insurance selection. A recent survey conducted by Advisen and Zurich North America shows operational shifts, including the increasing cooperation between IT and risk management, a heightened role for counsel and boards, as well as more reliance on external resources for post-breach efforts. The survey also reveals that the process of determining the right insurance coverage is also becoming part of this collaborative security effort. “Insurance in the cyber realm is not merely an instrument for transferring risk. Even the process of obtaining the insurance is viewed as a catalyst for driving and elevating enterprise-wide cybersecurity risk management,” Roberta Anderson, K&L Gates partner, told The Cybersecurity Law Report. See also “Building a Strong Cyber Insurance Policy to Weather the Potential Storm” Part One (Nov. 25, 2015); Part Two (Dec. 9, 2015).

    Read Full Article …
  • From Vol. 2 No.18 (Sep. 7, 2016)

    Survey Reveals What Keeps Consumers Away From Connectivity and How to Address Their Concerns 

    For companies that collect personal information, a breach may cause already wary consumers to choose other options for those products and services. The results of the KPMG Barometer Report illustrate these realities, and, focusing on the technology, retail, financial services and automotive industries, the Report suggests ways companies can improve cybersecurity preparedness. The Report also cites specific actions companies should take following an incident to raise consumer confidence and retain their customers. These actions are all the more important as consumers become “less forgiving. They have expectations that companies will take due care to provide robust security and privacy protections and are becoming more likely to vote with their wallet when those expectations are not met,” Greg Bell, the U.S. leader of KPMG Cyber, told The Cybersecurity Law Report. See also “How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach” (Jun. 22, 2016).

    Read Full Article …
  • From Vol. 2 No.17 (Aug. 24, 2016)

    Cybersecurity Due Diligence in M&A Is No Longer Optional

    The heightened importance of cybersecurity in the corporate environment has made it vital for potential acquirers to assess the IT systems of target companies to determine their value and risk. Despite an increased awareness of the importance of cyber due diligence, many companies lack the proper personnel to conduct thorough analyses, according to a new study by West Monroe Partners and Mergermarket that surveyed top-level corporate executives and private equity partners about their companies’ practices. The results provide a window into the trends that shape the diligence process, as well as insights into the ways it can be improved. We summarize the study’s key findings. See also “Tackling Cybersecurity and Data Privacy Issues in Mergers and Acquisitions (Part One of Two)” (Sep. 16, 2015); Part Two (Sep. 30, 2015).

    Read Full Article …
  • From Vol. 2 No.8 (Apr. 13, 2016)

    Study Analyzes How Companies Can Overcome Cybersecurity Challenges and Create Business Value

    Many executives tasked with combatting cybersecurity threats lack necessary awareness and readiness, according to a survey commissioned by security firm Tanium and the NASDAQ. The Accountability Gap: Cybersecurity & Building a Culture of Responsibility (the Survey Report) includes findings of an extensive study involving 1,530 non-executive directors, CEOs, CISOs and CIOs of major corporations around the globe. Using information from a combination of one-on-one interviews and a quantitative survey, the Survey Report highlighted seven key cybersecurity challenges facing boards and executives and provided actionable advice in these areas. We examine these findings, with input from Lance Hayden, managing director of Berkley Research Group, and author of People-Centric Security. See also “Protecting the Crown Jewels Using People, Processes and Technology” (Sep. 30, 2015).

    Read Full Article …
  • From Vol. 1 No.10 (Aug. 12, 2015)

    Surveys Find Internal and Third-Party Cybersecurity Risks Among Top Executive Concerns

    Corporate executives, even those with great defense resources, consider cybersecurity one of the most worrisome issues they confront.  In this article, experts from Deloitte, Protiviti and the Santa Fe Group dissect the results of two recent studies.  Greg Dickinson, a director at Deloitte who leads the quarterly survey “CFO Signals: What North America’s top finance executives are thinking – and doing,” explained how and why many CFOs are feeling unprepared for cybersecurity threats.  In addition, while discussing the “2015 Vendor Risk Management Benchmark Study: The Shared Assessments Program and Protiviti Examine the Maturity of Vendor Risk Management” Rocco Grillo, cybersecurity managing director at Protiviti, and Gary Roboff, senior advisor to the Santa Fe Group and manager of its Shared Assessments Program, explain how the finance industry outperforms others in third-party risk management and stress the importance of risk committees and data mapping.  See also “Ponemon Study Finds Increasing Data Breach Costs and Analyzes Causes,” The Cybersecurity Law Report, Vol. 1, No. 5 (Jun. 3, 2015).

    Read Full Article …
  • From Vol. 1 No.5 (Jun. 3, 2015)

    Ponemon Study Finds Increasing Data Breach Costs and Analyzes Causes

    The average cost of a data breach increased from $3.52 million last year to $3.79 million this year, according to a recently-released Report by IBM and the Ponemon Institute.  The Report analyzes trends that have contributed to the overall cost increase of data breaches as well as factors that can reduce or increase the cost of individual data breaches.  The Report also breaks down types of breaches and compares data across 11 nations, several industries and results from the previous two years.  And, the Report predicts the likelihood an organization will experience a breach of various sizes over a 24-month period.

    Read Full Article …