This is the last post in my cyber series. Here, I’ll be offering my suggestions about the content of an ideal cyber policy.
Don’t purchase a policy that covers a specific method or type of breach. The policy should cover the unauthorized release of “personal information” – data that specifically identifies an individual or company – and “ransomware.”
Why? Because the nature of hacking is ever-changing. It’s possible that a new method will emerge between the date of policy issuance and the cyber event.
Second, make sure the policy covers the very broad range of potential damages, which include:
That's it for this series.
In my previous tax planning blog post, I explained the three methods (deduction, exclusion, and credit) that are derived from the tax code. This post will briefly explain four methods that focus on planning.
Method 1: Extraction
What is it? Extraction occurs when the taxpayer removes (or “extracts”) an item of income from the tax base. This most commonly involves moving an item from the US economy and placing it into a tax haven and then structuring the transaction to somehow escape inclusion in the US taxpayer’s US tax base.
Method 2: Deferral
What is it? Here, the planner simply moves the realization event (which triggers inclusion into the taxpayer’s gross income for a specific year) to a future date. The farther into the future the planner can place the event, the better.
Method 3: Compression
What is it? Here the planner makes a total amount of assets appear smaller, reducing the tax burden. The most common example is a family limited partnership where the planner will make the children limited partners and then mechanically encumber each limited partnership interest to lower its fair market value.
Method 4: Conversion
What is it? The most common example is changing an item that would be taxed at higher ordinary rates and converting it to a lower-level capital gains tax rate. The most common way to accomplish this is with a qualified retirement plan like a 401(k) or IRA.
And there you have it: all the basic tools that a tax planner can use to change or alter your taxes due.
In the previous post, I observed that a cyber-breach will probably cause litigation. There are three other potential costs.
As noted by the FTC on its website, most states now require companies to inform parties impacted by a data breach:
Most states, the District of Columbia, Puerto Rico, and the Virgin Islands have enacted legislation requiring notification of security breaches involving personal information.
Here’s a good resource for the state-level statutory requirements.
We can add data restoration costs as the possibility exists that data will be lost or corrupted.
Then there’s reputational loss. To demonstrate this, ask yourself this hypothetical question: your business has two choices for a law firm. One law firm was recently the victim of a widely publicized data hack; the second one was not. Who would you do business with?
So, what's the typical cost of a data breach? A recent report from IBM contains several info-graphics. Let's start with this one:
The cost of a breach is high, involves a large number of records, and is difficult to discover.
And, the cost is high regardless of the size of the business that's a victim:
If you have a small to medium sized service-firm, your company is looking at a multi-million dollar loss.
Link From Our Previous Blog
The Law Office of Hale Stewart
734A E. 29th Street
Houston, Texas 77009