If you were hit by ransomware, you are part of the rapidly growing number of organizations that have had to decide how to respond — legally, quickly and often quietly. The veil of silence that shrouds many businesses’ response and recovery makes leveraging best practices at that moment all the more difficult. Many businesses and their advisors face hurried, whispered conversations due to threats from the attackers, demand for payment in short timetables, concern about influencing company valuations or scaring off customers, and confusion regarding what is allowed and what is required. Reviewing legal requirements, considering how others approach these challenges and consulting government guidance up front won’t eliminate the pain, but it can certainly help mitigate it. IAPP Research Director Caitlin Fennessy, CIPP/US, has the details.
If you want to comment on this post, you need to login.