By Daniel L. Farris
The seemingly unending reports of high profile data breaches have been a boon for privacy and data security startups, the Wall Street Journal recently reported. Venture firms have invested $1.2 billion in cybersecurity startups through the first half of 2015.
All of this investment makes privacy and data security big business, and demonstrates the importance that cybersecurity will have to economic growth going forward. The investments, however, demonstrate something else – risk. Not just the risk that investors in startup companies will have, but the increased risks established organizations will have in selecting good vendors to secure their products and services.
As the WSJ article identifies, the cybersecurity field is quickly becoming crowded with “me too” entrants. This concern echoes those raised months back of a “gold-rush mentality” in the wake of the DOJ’s issuance of new Cyber-Incident Preparedness and Response Guidance.
When selecting a cybersecurity vendor, diligence is key. It is important for companies to not only make a plan, but to be sure to ask their outside lawyers, accountants, and consultants to demonstrate their substantive knowledge and experience handling data preparedness and breach response efforts.
For assistance in launching or refining your own privacy and data security compliance program, selecting outside vendors, or implementing privacy by design, please contact the author or a Polsinelli Privacy and Data Security team member.