Mar. 23, 2015

Be Proactive in Cyber Security or Pay a Hefty Price

High profile data security breaches like those at Target and Home Depot drive home the need for businesses to take active responsibility for shielding customer information – and so do the resulting lawsuits.

“Companies can’t afford to stick their heads in the sand where cyber security is concerned. The potential cost to them for doing so is simply too high,” says Paul O. Lopez, an attorney and director with Fort Lauderdale-based Tripp Scott who chairs the firm’s litigation department and who has handled a large number of cases involving compromised data and issues pertaining to the storage of financial information. Together with attorneys Catalina M. Avalos, Megan L. Janes and Ryan Lehrer, Lopez also works with businesses that want to make sure their systems and procedures are in compliance with what the government considers to be best practices.  

Lopez says that internal and external breaches of data security have cost companies millions of dollars, as both federal and state governments hold them responsible for protecting the information. Violations of laws like the Computer Fraud and Abuse Act and the Stored Communications Act come into play when those whose information is compromised file suit – individually and in class actions – against companies with data breaches. Lopez expects the government oversight of data breach issues to increase as Congress is currently considering more legislation that addresses the need for best practices in data security. 

To be less vulnerable to hacker attacks and the potential data breach activities of rogue employees, companies need to create secure networks for information, the Tripp Scott attorneys advise. To guard against internal threats, businesses need to employ competent IT staff to supervise cyber security, make sure that employees sign confidentiality agreements and update their passwords frequently. To shore up company network security against external cyber attacks, update firewalls and make certain that data is well encrypted, which makes it more difficult to penetrate.

“If your firewalls are from three or five years ago, they would likely be considered obsolete according to industry standards. So if information is compromised, your company could be held responsible for not having taken the necessary steps to protect customer information,” Lopez says. “You should review your protective technology every 12 to 24 months to be certain it is considered current, and make the investment in new technology for this purpose if at all possible. Factor it into your budget.” 

The penalties for companies the government considers to be lax with regard to cyber security are substantial, he notes. While many cases brought by injured parties are settled at a heavy price, some go to jury trial and result in even higher corporate costs. Class action claims for data breaches due to insufficient security can amount to tens of millions of dollars, Lopez says, and penalties can be criminal as well as civil. States differ with regarding to security standard benchmarks, so it is important to know the most current standards where a company is operating, as well as the federal position on the issues.

Many of the breaches Lopez has seen involve former employees’ theft of customer information for use either in their employment with a competitor or in their own businesses.

“We work side by side with forensic IT experts to quickly understand how the information was stolen and transmitted,” Lopez says. “From there, we can map out a strategy to deal with it. However, we hope more often to help companies in their proactive efforts that will help avoid security breaches and damages.”

View article



Evening of Wine & Cheese

A private reception
Tuesday, February 26, 2019 
5:30 p.m. – 7:30 p.m. 
Timpano’s Italian Chophouse 

Tripp Scott's Jeffrey Wood Wins Charter School Champions Award

FORT LAUDERDALE, Fla. – (November 26, 2018) – Tripp Scott today announced that Jeffrey S. Wood, a director with the law firm, has been named the winner of a 2018 Florida Charter Schools Champions Award at the recent Florida Charter School Conference in Orlando.

Policies, Training, Enforcement Help Avoid Workplace Discrimination Claims

Penalties and damage awards resulting from successful EEOC actions or workplace discrimination lawsuits can be burdensome to large employers; they can drive small companies out of business. Reduce company exposure by working with HR and your legal team to implement and enforce proper policies to achieve a workplace culture with zero tolerance for discrimination of any kind.

Start a Conversation

The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form.