
A recent report from IBM found the average cost of a data breach is now USD $4.45 million; for the healthcare industry, that cost rose to USD $10.93 million.¹ The financial and insurance services industries are not far behind and experienced almost three times the number of data breaches as compared to healthcare. Almost 95 percent of these breaches are financially motivated with organized crime behind 70 percent of them.² The costs do not include regulatory penalties or litigation.
Along with a record growth in data breaches, a remarkable uptick has occurred in the number of data privacy and data security state legislation introduced in the past several years, and the momentum continues to build. In the absence of a federal data privacy act with preemption, businesses need to agilely adapt to this patchwork of federal and state laws and regulations. In addition, we continue to see a steady stream of enforcement actions and class actions focused on data privacy and security. In some cases, a business cannot survive. A recent survey of 5,000 US and European businesses found that nearly one-fifth believed their company could not survive a cyber-attack.³
Our Data Privacy and Cybersecurity team of attorneys is ready to assist with key legal services:
- Data breach notification
- Cybersecurity compliance and litigation risk assessments
- Developing cyber compliance management systems
- Compliance testing
- Defense litigation
For more information, contact:
For further information on federal and state data privacy and security laws, visit our resources for Data Privacy and Security.
[1] Cost of a Data Breach Report 2023, IBM [2] 2024 Data Breach Investigations Report, Verizon [3] Hiscox Cyber Readiness Report 2023
Analysis
North Dakota Enacts Law Copycatting GLBA Safeguards Rule
Virginia Artificial Intelligence Bill Vetoed on Heels of Colorado AI Report
Utah Enacts Law Requiring Generative Artificial Intelligence Disclosures
2024 Data Privacy & Security Roundup: New Laws, Regulations, Important Dates in 2025
New York Amends Data Breach Notification Requirements
Pennsylvania Amends Data Breach Notification Law