Companies frequently wait until they’ve been hacked to seek counsel about their data security, one expert says. Bloomberg Law spoke with Hunton & Williams’ Lisa Sotto, CIPP/US, on Barnes & Noble’s recent data breach in which 63 stores were hacked for customer payment card data, inciting a lawsuit. “In most cases, companies are not doing anything wrong,” Sotto said. “These types of events are highly sophisticated, highly orchestrated…and the criminals who are doing this are creative and highly motivated.” Sotto advises her clients to “impose structure on their information security system” and be sure employees receive sufficient training. Small, manageable breaches have a silver lining, she said, because it prompts companies to take action.
If you want to comment on this post, you need to login.