National Cyber Security Recognition

In recognition of National Cyber Security Awareness Month and our firm’s commitment to bringing about more awareness to this critically important issue, we provide our readers with insightful tips on how to stay ahead of this all too pervasive issue. Unfortunately, too many think data breach is a big business problem when, in fact, their small and mid-size counterparts are more likely – not less – to be attacked. And attacks by outsiders on the internet and cyber criminals are only a part of the problem.

Did you know…

  1. More than 50% of data breaches can be attributed to the unintentional behavior or negligence of employees in the workplace. Common examples include an employee inadvertently opening malicious email that upon closer inspection would have raised a red flag – wreaking havoc on computer systems and often resulting in the silent harvesting of private company or customer information or failing to log-off leaving information open and exposed to potential misconduct by others. More intentional misconduct must also be guarded against when, for example, terminated employees who might be looking for retribution still have login credentials or other access to company or personal information.
  2. A staggering 60% of small businesses suffering a data breach will be out of business in less than 6 months following an attack (according to the Experian Data Breach Study in 2013 and other national sources). The cost of a data breach is not small and goes far beyond fines imposed by regulators, card brands, Attorney Generals or others. The typical response cost is now estimated at about $181 per record. For even the smallest breach, this quickly adds up with estimates for a small business data breach on average costing from $500,000 to $1,000,000 or more. In addition to the costs necessary to investigate and resolve a breach, the harm to a company’s reputation following attack is next to impossible to calculate – often resulting in staggering consequences for the ill prepared.
  3. Over 70% of security breaches are targeted on small businesses or particular industries. Retail, healthcare, hospitality and financial sector businesses have been particularly hard hit sectors and are often prime targets for cyber criminals. Attacks on small business aren’t usually the result of an attack on that particular, individual company, but more likely occur from the large, sweeping, phishing attacks cyber criminals make on industry sectors (retail, Mom & Pop shops and restaurants are among favorites) where hackers have correctly assessed these smaller businesses are less equipped to defend against attack.

The Best Defense to Cyber Attach includes:

  1. Creating a “culture of cyber security”. Everyone in the workplace must be adequately trained and aware of the potential risk of cyber attack. For even the smallest employer, Data Protection Policies suited to the particular industry risk and job function of their employees must be developed, monitored and enforced in order to protect against both inadvertent or more intentional use or abuse of sensitive, internal company information or customer personal information.
  2. Having a Response Plan in place can minimize the impact of a breach. Hacks, breaches and other cyber crimes happen out in the world every single day; just as fires, floods and other losses occur every day in the business world. In addition to training and adequate policies, every business needs a Data Security Response Plan outlining the important steps that need to be taken when a breach has occurred or is suspected. Too many small businesses are blind-sided when breach occurs and are fasted with too little too late in the eyes of regulators and others. With so much at stake, every business needs to be prepared. No business can assume it won’t happen. With the tremendous growth of insurance products coming on the market to cover a data breach losses, businesses may want to purchase coverage, but care must be taken to review what’s covered, what’s not, whether there’s coverage under existing policies and the insured’s responsibility for meeting the applicable data protection standards before coverage is available in the event of loss.
  3. Lastly, having the right team you can quickly call upon to assess and respond to a breach is critical. If and when the worst happens, having a plan in place means you won’t be consumed by the aftermath and have the right resources in place to assess and resolve the issue as quickly and favorably as possible.

This article was written by Attorney Tegan Blackburn, who focuses her law practice in Simsbury, Connecticut on Business & Corporate Law, Compliance Counseling, Commercial Transactions and Data Breach Response. She is General Counsel and Chief Compliance Officer to various IT, healthcare, retail and other industry clients and has been called upon to resolve data breach incidents in Connecticut, as well as acting as a consultant to other firms in and out of the New England area. This article is intended as general guidance and is not legal advice. The reader should consult with an attorney regarding their particular situation.

Other online resources are available at the National Cyber Security Alliance and at:
http://www.staysafeonline.org
http://nist.gov
http://stopthinkconnect.org

Why Everyone Should Have a Will

By most estimates, less than 50% of Americans have a Will or some other testamentary device.

Some compelling things to consider,

  1. Without a Will (or some other testamentary device) the state you reside in will decide for you who gets what and who’s in charge of your estate. Whether you have a small estate or a large one, unless you have a valid Will, Trust or some other testamentary device, the state formula outlining distributions for “intestate estates” (those with no Will) will be used for distributing your property to your heirs. For those married at the time of death if there are other living heirs (such as parents, children or grandchildren) in many states the surviving spouse will receive only a portion of the decedent’s estate. In Connecticut, what a surviving spouse receives under “intestate succession” laws (the leaving no Will formula) depends on whether or not there are living parents, children, grandchildren or great grandchildren. Needless to say, this can cause lot of unpleasant surprises for a surviving spouse, other family members and a lot of unnecessary inter-family conflicts. The formula used in Connecticut can be viewed at Conn. Gen. Stat. Sec. 45a-437(b) – 45a 438 www.cga.ct.gov and will give you an idea of just how many different scenarios you might be dealing with after the death of a family member who left no Will.

    “Not having a Will leaves a great deal to chance

  2. When there is no Will (or the Will cannot be located) surviving family members and friends are often left behind with different views of your wishes. Stating your wishes in a legally binding way with a Will (sometimes in combination with other testamentary devices) will help avoid the contests, fights and uncertainty that often arises when there is no Will. For those who have a Trust or other instruments making beneficiary designations, having a valid Will can also help in situations where property wasn’t properly titled and transferred to the Trust or beneficiary designations or updates weren’t made.
  3. Why should everyone have a Will? Making a Will is not just for those in later seasons of life. For those who are married, widowed, have young children, have accumulated some assets, or are in, or approaching retirement having a Will is one of the best ways to ensure those you leave behind won’t be left with a lot of uncertainty and turmoil about what the future holds. Are you willing to leave it to chance? Having a Will benefits everyone.
  4. What should be in a Will? Specifying who’s in charge of handling your estate by appointing someone you have confidence in and an alternate to act as the Executor is a good place to start; when there are minor children appointing a guardian is recommended to help avoid inter-family contests and disputes over who should be given this important role; if there are special needs for particular family members this should be considered (if unequal distributions or provisions are being made it’s good to say so and why); if there are business interests at stake making sure the Will is compatible with the company’s succession plan is critical to avoid potential conflicts with business partners; identifying any special gifts that you’d like to make; and lastly specifying how you would like your real estate, personal property or other property divided and distributed to your heirs, others or charitable causes are among the most often included provisions of a Will.
  5. What will your legacy be? Your legacy is more than just what you’ve acquired during your lifetime and the property you leave behind for others. Leaving family members and loved ones with the confidence of knowing your wishes and settling your affairs without a lot of unnecessary problems is one of the most important reasons for preparing a Will. Too often this important topic and preparing a Will is put off for another day. Why wait – when one of the best legacies you can leave is having a valid Will describing your wishes so family members aren’t left with the additional burdens of sorting things out after you’ve gone or learning when it’s too late they won’t be entitled to what they expected from your estate. It’s extremely important that your Will be validly created and can be located when needed. It’s best to consult with a qualified estate planning attorney to ensure your Will isn’t subjected to legal questions about its validity and includes everything that’s appropriate for your situation. For those who created Wills sometime ago, it’s good to review your Will every few years to make sure it still meets your needs.

This article was written by Attorney Tegan Blackburn, who concentrates her law practice on Estate Planning, Wills & Trusts, Probate, Succession Planning, Business & Corporate Law, Real Estate and Family Law. This article is not intended to be and should not be construed as legal advice and the reader should consult with an attorney concerning their particular situation.