Douglas Gansler Quoted in American Banker Article, "Four Steps Even Small Lenders Can Take to Prepare for Cyberattacks"
April 12, 2016
Douglas Gansler was quoted in Kevin Wack's American Banker article, "Four Steps Even Small Lenders Can Take to Prepare for Cyberattacks," on April 12, 2016.
The sudden ordinariness of corporate data breaches has led to feelings of helplessness inside the financial industry.
That sense of despair is apt to be particularly prevalent at smaller institutions, where the resources available to stave off sophisticated cybercrimes may not match the expectations of their regulators.
So what can a small firm do in the face of well-organized bands of hackers?
Waiting until after a data breach has occurred to establish a relationship with state attorneys general and other local authorities may leave institutions starting off on the wrong foot.
It's better to contact authorities beforehand, said Douglas Gansler, the former attorney general of Maryland. Being proactive, and being able to present an incident response plan that has been produced responsibly, sends a message to law enforcement that a company takes data security seriously.
"A year ago even, certainly two years ago, regulators would look at companies that had an incident as the defendant," said Gansler, who is now a law partner at Buckley Sandler in Washington, D.C. "And that's really changed over time — from 'The company screwed up' to now 'The company's been victimized.'"