This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Asset 3
  • About
  • People
  • Capabilities
  • Insights
  • Careers
  • Public Interest
  • Inclusion
  • Contact us
    Contact us
  • Locations
    Locations
  • Search
    Search
  • About
    • About
    • Message From the CEO
    • Firm History
    • Alumni
    • Alumni
    • In Memoriam
  • People
  • Capabilities
    • Practices
    • Industries
    • Global Reach: The Law Firm Network
    • Bankruptcy & Restructuring
    • Brand & Reputation Management
    • Intellectual Property
    • Litigation & Dispute Resolution
    • Special Situations, Distressed Debt and Debt Trading
    • Transactions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Energy & Environmental
    • Entertainment & Media
    • Investment Management 
    • Life Sciences
    • Technology
    • Real Estate
    • Bankruptcy & Restructuring
    • Bankruptcy Litigation
    • Mass Torts Bankruptcy
    • Intellectual Property
    • Intellectual Property Litigation
    • Patent Prosecution & Transactions
    • Trademark, Copyright & Advertising
    • Patent Trial and Appeals Board (PTAB)
    • Litigation & Dispute Resolution
    • Civil Fraud Litigation
    • Employment Practices and Litigation
    • Government Contracts Litigation
    • Intellectual Property Litigation
    • Insurance Recovery
    • Litigation Funding
    • M&A and Private Equity Litigation
    • Real Estate Litigation
    • Patent Trial and Appeals Board (PTAB)
    • UK Tax Controversy & Litigation
    • Special Situations, Distressed Debt and Debt Trading
    • Distressed Debt & Claims Trading
    • Litigation Funding
    • Finance
    • Real Estate Special Situations
    • Transactions
    • Capital Markets
    • Cross-Border Transactions
    • Emerging Growth Companies & Venture Capital
    • Employment
    • Finance
    • Franchising
    • Mergers & Acquisitions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Economic Sanctions & Export Controls
    • Energy & Environmental
    • Energy
    • Energy Transition
    • Environmental
    • Entertainment & Media
    • Brand & Reputation Management
    • Intellectual Property
    • Sports
    • Investment Management
    • Fund Formation
    • Private Equity Transactions
    • Distressed Debt
    • Emerging Growth Companies & Venture Capital
    • Family-Owned & Closely Held Businesses
    • Private Equity Litigation
    • Life Sciences
    • BR BioAdvisory Services
    • Technology
    • Artificial Intelligence
    • Cybersecurity & Data Privacy
    • Digital Commerce
    • Fintech
    • Real Estate
    • Hospitality & Leisure
    • Distressed Real Estate
    • Real Estate Special Situations
    • Real Estate Litigation
    • Wireless Network Infrastructure
  • Insights
    • Client News
    • Firm News
    • Briefings
    • Events
  • Careers
    • Experienced Lawyers
    • U.S. Law Students
    • London Trainee Program
    • Business Professionals
    • Professional Development
  • Public Interest
    • Brown Rudnick Charitable Foundation
    • Pro Bono & Community Service
  • Inclusion
    • Inclusion
    • Women in Business Series
  • Contact Us
  • Location
  • Search
  • About
    • About
    • Message From the CEO
    • Firm History
    • Alumni
    • Alumni
    • In Memoriam
  • People
  • Capabilities
    • Practices
    • Industries
    • Global Reach: The Law Firm Network
    • Bankruptcy & Restructuring
    • Brand & Reputation Management
    • Intellectual Property
    • Litigation & Dispute Resolution
    • Special Situations, Distressed Debt and Debt Trading
    • Transactions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Energy & Environmental
    • Entertainment & Media
    • Investment Management 
    • Life Sciences
    • Technology
    • Real Estate
    • Bankruptcy & Restructuring
    • Bankruptcy Litigation
    • Mass Torts Bankruptcy
    • Intellectual Property
    • Intellectual Property Litigation
    • Patent Prosecution & Transactions
    • Trademark, Copyright & Advertising
    • Patent Trial and Appeals Board (PTAB)
    • Litigation & Dispute Resolution
    • Civil Fraud Litigation
    • Employment Practices and Litigation
    • Government Contracts Litigation
    • Intellectual Property Litigation
    • Insurance Recovery
    • Litigation Funding
    • M&A and Private Equity Litigation
    • Real Estate Litigation
    • Patent Trial and Appeals Board (PTAB)
    • UK Tax Controversy & Litigation
    • Special Situations, Distressed Debt and Debt Trading
    • Distressed Debt & Claims Trading
    • Litigation Funding
    • Finance
    • Real Estate Special Situations
    • Transactions
    • Capital Markets
    • Cross-Border Transactions
    • Emerging Growth Companies & Venture Capital
    • Employment
    • Finance
    • Franchising
    • Mergers & Acquisitions
    • Tax
    • White Collar Defense, Investigations & Compliance
    • Economic Sanctions & Export Controls
    • Energy & Environmental
    • Energy
    • Energy Transition
    • Environmental
    • Entertainment & Media
    • Brand & Reputation Management
    • Intellectual Property
    • Sports
    • Investment Management
    • Fund Formation
    • Private Equity Transactions
    • Distressed Debt
    • Emerging Growth Companies & Venture Capital
    • Family-Owned & Closely Held Businesses
    • Private Equity Litigation
    • Life Sciences
    • BR BioAdvisory Services
    • Technology
    • Artificial Intelligence
    • Cybersecurity & Data Privacy
    • Digital Commerce
    • Fintech
    • Real Estate
    • Hospitality & Leisure
    • Distressed Real Estate
    • Real Estate Special Situations
    • Real Estate Litigation
    • Wireless Network Infrastructure
  • Insights
    • Client News
    • Firm News
    • Briefings
    • Events
  • Careers
    • Experienced Lawyers
    • U.S. Law Students
    • London Trainee Program
    • Business Professionals
    • Professional Development
  • Public Interest
    • Brown Rudnick Charitable Foundation
    • Pro Bono & Community Service
  • Inclusion
    • Inclusion
    • Women in Business Series

Search People

Search by last name

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

see all people

Asset 3
  • LinkedIn
  • X (formerly known as Twitter)
  • Instagram
  • YouTube
  • Contact Us
  • Terms of Use
  • Privacy
  • Sitemap
  • LinkedIn
  • X (formerly known as Twitter)
  • Instagram
  • YouTube

© 2024 Brown Rudnick LLP. Attorney advertising.

All Rights Reserved.

All Posts Subscribe
print-logo
3/6/2024 10:29:00 PM | 2 minute read

In NYLJ, Partner Matthew Richardson and Associate Morgan Jones Offer Guidance on Responding to Data Breaches

System warning hacked alert, cyberattack on computer network. Cybersecurity vulnerability, data breach, illegal connection, compromised information concept. Malicious software, virus and cybercrime.

Get in touch

Avatar
Matthew Richardson
Partner
Avatar
Morgan Jones
Associate

Get in touch

Avatar
Matthew Richardson
Partner
Avatar
Morgan Jones
Associate

Partner Matthew Richardson and associate Morgan Jones co-authored an article for the New York Law Journal about the business challenges and costs associated with responding to a global data breach.

In the March 5 article, entitled “When Global Reach Can Mean Global Breach,” the authors noted that, in order for the incident response process to work as seamlessly as a company expects, all of the moving pieces must fit together just the right way.

“Any company scaling its abilities to operate globally will appreciate that ‘growing pains’ usually evolve into new issues, which may best be described as ‘maintaining pains,’” they wrote. “One of the most high-profile ‘maintaining’ pains is the threat of a data breach, particularly for technology companies that are rich in personal data, such as companies developing artificial intelligence algorithms, due to the large amount of data necessary to train the model.”

While the liability of the board members depends on the discretion of the regulators that have jurisdiction over the breach, the cost of a breach will depend, based off of ransoms, fines, lawsuits and notification costs, they wrote. The notification costs, however, are the most immediate factor in these breaches because they are complex and involve multiple elements.

Among the drivers of incident response costs relates to the obligations, liabilities and notifications required by third parties, they explained. Companies with cyber insurance are also typically required to notify their carrier of a breach.

“Notifications from vendors are one of the most important elements of addressing a data breach impacting a company’s supply chain, so it is important to get this right in a compressed time frame,” they wrote. “Once the obligations are met, the company can approach the vendor to be made whole as to its costs and expenses, whether by indemnity, or a breach of contract claim, and hopefully the contact with the vendor contract addresses these topics. That being said, there are avenues to pursue in absence of suitable protections in the contract with the vendor.”

Additional notices to regulators may also be required, which will further add to the costs associated with a data breach. With notification deadlines as short as 72 hours from the discovery of the breach, it’s unlikely that all the material facts have been ascertained during that time, particularly since the required information in a breach notification can vary by jurisdiction.

“Whether the breach is caused by internal or external factors, costs and obligations associated with a breach will arise,” they wrote. “The degree to which a company plans and prepares for a breach in advance will greatly control the amount of uncontrolled costs and stress when a breach occurs.”

Read the full article here.

Sign up to receive our latest BRiefings delivered directly to your inbox. Subscribe

Tags

new york law journal, data, global data breach

Get in touch

Avatar
Matthew Richardson
Partner
Avatar
Morgan Jones
Associate

Get in touch

Avatar
Matthew Richardson
Partner
Avatar
Morgan Jones
Associate
Demystifying Tax Professional Negligence Claims in the UK
6/26/2025 6:12:36 PM

Demystifying Tax Professional Negligence Claims in the UK

By Matthew Sharp
When can you sue a Tax Adviser or Accountant for bad or deficient tax advice? When Tax Advice Goes Wrong In the UK, individuals and...
16
16

Latest Insights

OFAC Imposes Maximum Civil Penalty on VC Firm for Sanctions and Reporting Violations
6/27/2025 8:59:28 PM

OFAC Imposes Maximum Civil Penalty on VC Firm for Sanctions and Reporting Violations

By Daniel Sachs Nancy Turner Stephen Best
DOJ’s New FCPA Guidelines Focus On Corrupt Intent and Transnational Crime
6/12/2025 1:22:12 AM

DOJ’s New FCPA Guidelines Focus On Corrupt Intent and Transnational Crime

By Daniel Sachs Steven Tyrrell Stephen Best Angela Papalaskaris +1 more...

Show less

6
19
25
HMRC Publishes Reporting Guidance For Cryptoasset Services Users and Providers
6/9/2025 2:42:25 PM

HMRC Publishes Reporting Guidance For Cryptoasset Services Users and Providers

By Jessica Lee Matthew Sharp Menelaos Karampetsos
18
18