News & Insights

Legal Risks Associated with Cyberattacks

May 24, 2017

Legal Risks Associated with CyberattacksPROACTIVE MEASURES AGAINST CYBERATTACKS

The recent ransomware attack that has affected more than 100,000 organizations has emphasized how immense the potential impact can be on the financial services industry. It is imperative for firms to protect their network from these types of threats through various technical lines of defense, including:

  • Offline and secure backups of the firm’s data (such as an external physical hard drive);
  • Updating software, patches, and operating systems;
  • Monitoring and intrusion detection;
  • Training employees to practice vigilance against cyber risks like phishing schemes;
  • Layered security approaches tailored to the firm’s cyber risks, system and information; and
  • A thoroughly tested incident response plan.

While these technical protections may be in place, there still remains the threat that new and more sophisticated cyberattacks can breach these lines of defense. In the event that a cyberattack is successful, firms should strongly consider the necessity for legal counsel prior to the attack.

THE APPLICABILTY OF LEGAL COUNSEL

There are a variety of different legal situations that can have significant consequences if not addressed immediately by experienced legal counsel. Scenarios to consider include:

  • The necessity of attorney-client privilege in the case of an initial cyber investigation so that the firm may obtain candid legal advice;
  • Determining whether the cyberattack triggers any potential legal notification requirements obligated under contract or statute;
  • Devising an effective strategy in responding to inquiries initiated by federal regulators, state regulators and law enforcement;
  • Identifying potential civil actions and mitigating associated costs;
  • Ensuring antitrust protections are established when sharing cyber threat indicators and defensive measures with competitors as required by The Cybersecurity Information Sharing Act of 2015; and
  • Reviewing what is covered by cyber insurance.

WHAT DOES THIS MEAN FOR ME?The legal proceedings that result from a cyberattack require a thorough understanding of all potential implications and how to mitigate these risks. Fairview® encourages firms to consider the value of maintaining legal counsel prior to a possible security breach, including the ability to preserve attorney-client privilege. This legal assistance can be instrumental in minimizing possible business disruptions.

Sources: https://www.morganlewis.com/pubs/wannacry-ransomware-cyberattack-raises-legal-issues

Click below to view General Filing Deadlines and SEC Holidays

Regulatory Calendar

Stay up to date on the latest industry news and resources.

Filter by Category

Filter by Topic

Fairview

Fairview has been providing streamlined solutions to providers in the financial services industry since 2005. We are part of ViewPoint Partners, our employee-owned parent company for both Fairview and FilePoint, which provides regulatory reporting solutions for registered investment companies.

©2024 Fairview® Investment Services, LLC. All rights reserved.

1330 St. Mary’s St.
Suite 400
Raleigh, NC 27605

info@fairviewinvest.com
919.706.4100
FAX: 800.770.9925