In 2020, U.S. companies spent nearly $3 billion defending class action lawsuits resulting from cybersecurity attacks. In a Texas Lawyer article discussing the rising number of cybersecurity incidents and the costly results, Jackson Walker partner John Jackson shared how ransomware attacks are growing increasingly common—and what companies can do to protect themselves.
“Lately, I found ransomware is occurring with even nonprofits and smaller companies that are easier targets. It can be pretty devastating,” he said.
With $500,000 sometimes being the minimum ransom amount, John stated, “It’s kind of a financial calculus. If the company is experiencing business losses, and they are losing say $100,000 a day, every day, and they have been shut down for two weeks, and it will take another week or two to get everything up and running.”
Even after a company rebounds once the ransom is paid, that business may face litigation by customers, employees, and shareholders.
To protect themselves, companies can provide life lock and credit monitoring to those who had their data stolen, which protects the individuals from identity theft and the company from liability.
“If a consumer had personal information exposed and the company offered them the life lock protection, and they can’t show they suffered financial damage, then the lawsuit may be unsuccessful,” he added.
To read more, view the Texas Lawyer article “With Looming Attack and Litigation Risk, Lawyers Say Every Business Should Buy Cybersecurity Insurance” (subscription required).
John M. Jackson has represented clients in patent litigation and complex commercial litigation matters in federal and state courts throughout the country, and in the International Trade Commission (ITC). He has represented clients in patent infringement lawsuits involving software, internet applications, consumer electronics, oil drilling technology, mechanical devices, chemical compositions, and business methods. In addition to his intellectual property practice, John co-chairs the Firm’s Cybersecurity Litigation Group and counsels clients concerning data privacy issues. He has earned certification as a Certified Information Privacy Professional (CIPP/US) and a Certified Information Privacy Manager through the International Association of Privacy Professionals.