While it is said that in war history is written by the victors, in the context of a highly publicized cyberattack it’s worth considering whether history can be written by the victims. The public thirst for information (and sensationalism) that typically results from announcement of a cyberattack involving data theft provides an important opportunity for shaping the narrative surrounding the incident. But seizing on this opportunity requires a delicate balancing act. By providing too much information too soon, a victim may make damaging misstatements and thereby incur legal liability. But by providing too little too late, a company can significantly impair its public goodwill and incur the wrath of regulators—to say nothing of the plaintiffs’ bar.
This article goes beyond the nuts and bolts of how to respond to a data-breach incident, and offers some lessons learned from the frontlines of the cybersecurity war to help companies successfully navigate the legal and public-relations minefield that ensues.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
