small-logo
Need help now? Call 216.321.7774

The Speed of Breaches and Other Bad News in Cybersecurity Incident Response

In this piece written for the D&O Diary, Paul Ferrillo, a partner in the New York office of the Greenberg Traurig law firm, examines the ways that an organization can respond well to a cyber incident.

Years ago, when describing a “bad news” event, it was common to describe the situation to your colleague as “right hand column, above the fold.”  Meaning in tomorrow’s newspaper (like the paper edition of the New York Times), the written article would be in the far-right hand column, on the top half of the fold (ok, Millennials, we get it, you have never seen a “paper” New York Times).  That meant likely the article was important.  And that you should read it first and fast.

Today, there is no such luxury of having until the next day to respond to a bad news event.  Today you are lucky if you have an hour to respond to a high-activity blogger before he or she levels you or your company with an upper cut posting you were not expecting, like “You’ve been hacked, and we know you know you’ve been hacked but haven’t said anything.”  Or worse, that post is coupled with an impromptu iPhone video describing the problem.  One recent commentator described a similar situation:

For [this company], it was video footage of a bloodied passenger …, being dragged off the plane by airport security guards. Once that clip hit social media, it went viral. Worse, it took [the company] two days to respond with a meaningful statement and apology. This lag made the airline look uncaring and incompetent.

For the rest, click here.


Contact Us

Your name Organization name Describe your situation Your phone number Your email address
Leave this as it is