Cyber Security Top Priority in Today’s Tech-Savvy World
While 2014 Has Seen Miami Emerge as a Growing Technology Hub, the Year Has Also Highlighted Significant Risks that Technology Poses for Businesses of all Types
Technology continues to be a hot industry throughout the world and particularly in Miami. The burgeoning tech scene in Miami is being driven in part by companies looking to capitalize on the City’s connections to Latin America. Some of the events adding to the Miami tech buzz this year include the inaugural eMerge Americas technology conference, the opening of the first U.S.-based Microsoft Innovation Center, at Venture Hive in Downtown Miami, and Citrix acquiring South Florida startup, Virtu.al.
However, with our ever-increasing reliance on technology comes new risks that now affect businesses of all types, ranging from retail to hospitality businesses and financial institutions. Data breaches and cyber attacks have become a common occurrence, resulting in significant class action litigations, shareholder litigations and FTC enforcement actions. As the number and scope of data breaches increase, so will the legal actions.
Cybersecurity and protection of consumer data has become a top priority issue with regulators, including the Federal Trade Commission (FTC) and the Securities and Exchange Commission. The FTC’s authority in this area was affirmed in the April 7, 2014 decision in FTC v. Wyndham Worldwide Corporation, et al., where the FTC claimed that inadequate security measures in that case violated Section 5 of the Federal Trade Commission Act, which prohibits “unfair” business practices.
Data breaches also have the attention of the States, which are adopting and amending legislation in this area. Florida amended its data breach notification statute this year with the Florida Information Protection Act of 2014 (FIPA). Among other new requirements, FIPA expanded the type of information that is protected, expanded what constitutes a data breach and now requires companies to notify individuals of a breach within 30 days after companies have reason to believe a breach occurred.
In today’s technology-dependent environment, all businesses need to adopt and implement effective policies and procedures to govern their data privacy practices and take measures to ensure compliance with those policies and procedures.