Escalating cyber threats and data privacy issues persist as primary sources of potential disagreements for corporations
In a recent report by Baker McKenzie, it has been revealed that cybersecurity and data disputes continue to pose the greatest threat to organizations worldwide for the second consecutive year. The report, which surveyed 600 legal and risk officers from U.S., U.K., Singapore, and Brazil-based companies with an annual revenue of at least $500 million, sheds light on the growing concerns of corporate stakeholders who are seeking to better comprehend the risk calculus of their technology stacks, asking the question: "Are we a target?"
The report highlights the increasing sophistication of cyber attacks and the growing demands from regulatory authorities as key factors contributing to the elevated risk level for organizations. Historically, more than two-thirds of ransomware attacks in the U.S. have gone unreported, underscoring the need for improved reporting and transparency.
International regulatory authorities, such as the European Data Protection Board (EDPB) under the GDPR framework, the U.S. Federal Trade Commission (FTC), and various national data protection authorities, are accelerating reporting obligations for suspected data breaches. This includes tighter and faster breach notification requirements, putting additional pressure on companies to address their cybersecurity vulnerabilities.
Cy Vance, global chair of cybersecurity at Baker McKenzie, emphasizes the importance of a more unified regulatory framework moving forward. He states that the biggest cybersecurity risk to companies is the actual risk of being hacked. Cybersecurity concerns are becoming more frequent and present a range of challenges for companies, including the risk of financial, operational, and reputational damage.
Different organizations will have varying levels of cybersecurity dispute risk depending on their business or function, and how well they implement and enforce their cybersecurity protocols. Corporate counsel and chief cybersecurity officers can help a company identify blind spots and potential legal risks related to cybersecurity.
Companies are also facing new and proposed mandates to accelerate requirements for reporting a suspected data breach. In light of these challenges, it is crucial for organizations to prioritize cybersecurity and data protection to safeguard their operations and reputation. By developing better policies, training, and procedures, companies can better prepare themselves for the evolving cyber threat landscape.
