Private Equity Breakfast Roundtable: Cybersecurity Breaches. Not If…When
It is no secret that cyberattacks continue to surge. The unfortunate reality is many solid companies with robust compliance and security processes have been the victims and the fallout from a breach can be devastating. At a recent Private Equity Breakfast Roundtable titled “Cybersecurity Breaches. Not If…When” and co-hosted by EisnerAmper and law firm Bracewell LLP, a quartet of speakers emphasized measures companies need to implement to be in the best position possible to prevent data breaches.
There are four things companies must do:
- Test their networks for vulnerabilities.
- Train their employees. Employees are instrumental in preventing possible cyberattacks. Therefore, the onus is on businesses to ensure they educate them on how to handle confidential information, e-mail safely, detect phishing schemes, and more.
- Patch their network to fix security vulnerabilities and bugs. Companies need to have a plan in place to determine what types of patches should be applied and the frequency of this process.
- Implement robust policies and procedures. First and foremost, firms need an incident response plan intact for the first 24 hours of an attack, which includes mobilizing the crisis management team, getting the facts, preparing short-term messages, and more. Ultimately, communications is key since it can impact the legal outcomes of the breach.
EisnerAmper and Bracewell speakers who shared their insights included:
- Cheri Hoff, Partner, Bracewell
- Glen Kopp, Partner, Bracewell
- Paul Nathanson, Senior Principal, Bracewell