INTERVIEW ON THE PRICE OF BUSINESS SHOW, MEDIA PARTNER OF THIS SITE.
Recently Kevin Price, Host of the nationally syndicated Price of Business Show, interviewed Daniel A. Cotter, Attorney and Counselor.
Welcome to “Your Attorney as a Trusted Advisor with Daniel Cotter.” I’m Daniel Cotter, Attorney and Counselor at Howard & Howard Attorneys, PLLC. For more information, please visit howardandhoward.com.
In today’s edition, I want to really focus on getting your house in order when it comes to privacy and cyber. You want to have a program that is offensive and defensive so that you will be the champs when it comes to defending against bad actors trying to attack. Things continue to evolve and change rapidly. We have discussed this briefly on prior episodes and in the newsletter, but it is becoming more and more critical.
Internal policies and procedures
What policies and procedures does your organization have in place to address how you collect, store, transfer, and use data? Do you have an incident response plan in place to address what happens if a potential security incident takes place? Do you limit the access that employees have to the minimum needed for each employee to do her job? What password protections do you have in place to make sure that the most common passwords are not being used by your team? If you collect credit card and payment information, are you PCI compliant?
Contracts and third parties
What steps and procedures do you have in place when interacting with third parties with whom you transfer data or receive data? Are you performing due diligence to ensure that their privacy practices and procedures are sufficient to give you comfort that your customers’ information will not be compromised? Do the third parties have cyber insurance in place? What assurances or protections do you have that they in turn are ensuring their third parties are complying with applicable law?
When it comes to contracts, are you reviewing your organization’s privacy commitments? What are you requiring from your partners? Are you able to show evidence of privacy and cyber requirements third parties are requiring be part of the contract? Are you working with your trusted advisor to discuss how your policies, practices, and procedures match up with your actual privacy and cyber implementation? Are there gaps?
Awareness and Training
The key to an organization that is strong in resiliency against hackers and bad actors is awareness by every member of your organization that they are a vital member of the team. The weakest link determines how strong your defense is. Train employees and team members, and make them aware of the ways bad actors are trying to penetrate your systems.
Team members should be tested on their awareness and vulnerabilities to phishing and other attacks.
They should learn and be informed that phishing/spam emails in their inboxes should always be reported using the “Report Message” button in the Outlook toolbar.
We are taping this latest episode and writing this on Super Bowl Sunday. The team today that plays the best combination of offense and defense, with special teams as well, will be the Super Bowl champion, with the Chiefs or Eagles being able to claim they are the best. Cyber and privacy protections are similar to the best football team: it takes both excellent offense and defense and good special teams to win. This time of year is also Lincoln’s Birthday and Presidents’ Day, a time known for mattress ads and sales. Like in The Godfather, you must go to the mattresses and protect your data from the bad guys.
This is “Your Attorney as a Trusted Advisor with Daniel Cotter.” I am Daniel Cotter, Attorney and Counselor at Howard & Howard Attorneys, PLLC, and your trusted advisor. Please visit howardandhoward.com for more information.
As a lawyer who started out of college as an accountant, and passed the CPA exam, Daniel Cotter tries to use that knowledge and business acumen to truly partner with his legal clients. He also spent more than 16 years of his 27 years as a lawyer in house. Clients want to have pragmatic, digestible, understandable information and advice, and someone who acts as a partner and trusted advisor.
He graduated with honors in accounting from Monmouth College and a law degree with honors from the John Marshall Law School.