Blog Posts

For Investors, Litigation Worries Eclipse Cybersecurity

A recent article in Bloomberg BusinessWeek highlighted how litigation is quickly becoming more of a concern for investors than the European Central Bank (ECB) test of balance sheets, and for good reason. The ECB test doesn’t cover litigation risk, and the only concession it makes to litigation at all was a warning to the two largest European banks to hold on to more cash to deal with litigation.

However, organizations of all sizes and in all sectors have become the target of cybercriminals, and investors understandably are worried about how companies are staying one step ahead of the inevitable litigation and investigations by regulators that come with cyber attacks and breaches. These breaches not only cost a lot initially to remediate but also can result in heavy fines or damages awards.

In the boardroom, post-breach litigation concerns are surpassing cybersecurity. Over the years, breaches have become sadly commonplace, and historically have had limited impact other than the investigation and notification phases following the breach. Rarely was litigation involved other than a governmental or regulatory inquiry. The discussion is no longer how to prevent a breach, because we’ve seen companies of all sizes attacked, and it has become an inevitable part of doing business.

Following the Target breach, (among others), the focus has shifted to defending against and mitigating the damage caused by the resulting investigations and lawsuits by Federal and state agencies, shareholders, and clients that follow breaches. This takes a large chunk out of budgets, and it can often hinder a company’s ability to innovate or grow as it funnels resources to damage control. Moreover, as regulators penalize companies for breaches, corporations are anxiously squirreling away resources to defend themselves after the inevitable breach, or paying out substantial amounts and drawing away from the bottom line.

As a result, enterprises are looking for ways to defend themselves so that they will have a clear audit trail to show regulators, as well as mechanisms in place to produce this trail. The procedures and technology in place are critical in case regulators do come knocking or lawsuits are filed, but there is no magic bullet that will solve everything. It does take a combination of people, processes, and technology to properly conduct e-discovery.

What it all boils down to is litigation readiness. Enterprises now more than ever need to know they can provide responsive data in the event of a lawsuit and investigation, and be able to winnow down the review time to avoid spiraling costs. They know they need to be ready to process documents, and quickly. Often, enterprises are finding that turning to a trusted partner saves a lot of money – money that can then be used for innovation and growth, something that investors appreciate.