Cyber Security Law
You’ll never be 100% safe from a Cyber Attack…
… but that certainly doesn’t mean you shouldn’t try!
It’s the unfortunate reality of the modern world. There are, however, a lot of things you can do to dramatically reduce your risk of being attacked. More importantly, there are a lot of things you can do to make sure a cyber attack only has a minimal impact on your business.
We can help get you there.
At the Law Offices of Brian C. Focht, we can help you:
Immediately upon arriving on-site…
… our team begins its analysis of your business’s current situation. We will chart out where your data is kept, how it’s stored, how it’s transmitted. By creating a detailed network map, we’ll get an overview of your systems, workstations, and other network connections.
During this stage, we will also assess the current status of your hardware, software, and security systems.
Most importantly, we will assess the level of awareness those in your company have of the actual threat that cyber attacks pose – to their jobs.
Once we know what data you have, and where you keep it…
… and how you protect it, we’ll be in a position to assess how vulnerable you are.
Our team will investigate your operation as if we were hackers looking to gain access into your systems – we’re looking for weak points in your security.
We’re essentially trying to break into your company. We will run penetration testing on your website and network assets to locate potential weaknesses. We will inspect your network and computing operations to make sure they’re protected.
But we don’t stop there – because dedicated hackers won’t either. Our assessment will include a full security analysis, including a review of all applicable physical security parameters, and whether your third-party vendors are putting your data at risk.
Do you have the right policies and procedures in place…
… to protect your business? We have extensive experience reviewing, auditing, and drafting all of the various types of policies and procedures that you need to have in place at your business. From physical security policies, to social media policies, and the dreaded password policy, we’ve helped numerous companies draft the right policy for their business.
But we also know that having the right policy in place only matters if it’s adequately enforced. That’s why we’ll not only help you update or draft the appropriate policies, we’ll provide the help you need to get them going.
Let us be the bad guy if need be – it’s going to make your business more secure!
Your Cyber Attack Response Plan is Critical
While it might seem like just another policy document, we actually offer specific and specialized assistance in putting together a Cyber Attack Response Plan for your business.
Because it’s NOT just another policy document. Our Cyber Attack Response Plan will be specifically designed for your business, taking into account the realities of modern life. We don’t have a “form” response plan, because we truly believe that a plan must be put together with only your business in mind.
The single most valuable asset…
… in any company’s cyber security toolbox is an entry level employee who is aware of the threat of a cyber attack, knows what to look for, knows who to inform about suspicious activity, and does so.
That’s why we offer regular cyber security awareness training for your employees. We know from experience that the most expensive cyber security system can be defeated by any employee who carelessly opens email attachments.
In addition to regular training – which we will insist that all employees and management attend (remember that whole “weakest link” thing? It applies to management as well) we will also run periodic awareness tests, including simulated email phishing attacks, to assess the level of awareness in your business.
As I’ve said many times before, awareness is the key to effective cyber security.
How effective is your insurance?
In my experience dealing with both cyber security and insurance coverage issues, I’ve rarely seen a more dangerous combination than an insurance broker and a customer talking about insurance that neither of them understand.
Cyber liability insurance, or even the basic data breach coverage in your company’s CGL policy, is new. There is no standard form or language in the industry, and there are no laws or court precedents for insurance companies to rely on when it comes to how their policies will be interpreted.
Oh, and your broker doesn’t know a thing about cyber security.
Don’t leave your business’s financial survival to an insurance policy that was never meant to protect you from a hacker. We will help you negotiate the right insurance policy for your business, with the protections you need.
Better yet – we will help you get a better rate by agreeing to improve your own cyber security.