• Ensuring Privilege of a Pre-Breach Cybersecurity Assessment
  • October 19, 2017 | Author: Erik B. Weinick
  • Law Firm: Otterbourg P.C. - New York Office
  • While data breaches at Fortune 500 companies and high profile organizations grab the headlines, organizations of all sizes and types must take reasonable steps to safeguard the data they obtain, manage and transfer. After all, cybercriminals are looking to make money as easily as possible and will often target the low hanging fruit offered by ill-prepared smaller companies. As a result, one prudent step organizations of all sizes may wish to consider is performing proactive pre-breach assessments (PBAs) of not only their hardware and software systems, but of their organizational systems and policies. In fact, for some organizations, such as those subject to regulation by New York’s Department of Financial Services, conducting a PBA may be a legal requirement.1Regardless, conducting a PBA is a prudent business practice that many consultants recommend doing through legal counsel.