Data theft causes more than just consumer identity theft, fraud, and business reputation damage. It also leads to costly compliance violation payments and litigation. In fact, recent research into the latest litigation trends shows that data breaches and cybersecurity incidents are driving an increase in lawsuits. The obvious answer is to have better cybersecurity controls, but attackers continue to create more sophisticated malware and exploits developed to bypass controls.
Litigation Trends Survey Shows More Companies Are Dragged into Lawsuits Due to Security Incidents
In a recent Annual Litigation Survey from Norton Rose Fulbright, 66% of companies reported that they felt more exposed to cybersecurity incidents. This percentage is up from 44% in 2020, right before the pandemic lockdowns took place. The increase in cybersecurity incidents stems from more employees working from home and being vulnerable to attacks such as phishing, ransomware, and other malware.
The survey asked respondents why they feel more exposed, and they gave several reasons. Respondents listed changes in the legal and compliance landscapes, the increased need for cloud storage of customer data, the effect of COVID-19 and lockdowns causing employees to work from home, the need to adapt to a changing cybersecurity landscape and account for new threats, and insider threats, both malicious and unintentional.
Respondents who felt less exposed to threats had increased their cybersecurity controls and improved their strategies to account for work-at-home employees. These companies added controls, leveraged the cloud and took advantage of its cybersecurity controls, or improved existing controls to account for the changing IT environment.
Changes in Compliance Regulations
In the last few years, lawmakers added several new compliance regulations and changed existing ones to make organizations more accountable for their data breaches. For example, the US Securities and Exchange Commission (SEC) proposed new cybersecurity and risk management programs to protect consumer financial data. The new standards aim to minimize risks and eliminate unauthorized access to sensitive data. Financial service providers, investment companies, and financial business development companies must quickly change their security infrastructure to follow new standards or risk hefty fines.
The New York Department of Financial Services (NYDFS) oversees financial institutions, and it also proposed a new set of standards. The new standards would require financial institutions to build better cybersecurity programs that protect IT systems storing sensitive data from common threats. Businesses risk paying multimillion-dollar fines should they fail to properly secure financial data from threats. A few requirements include implementing multi-factor authentication (MFA), reporting data breaches within a set amount of time, and performing an official and effective cybersecurity risk assessment.
Preventing Lawsuits from Cyber-Incidents
Organizations have a limited amount of time to implement new standards. Waiting until the last minute to deploy controls risks bugs and missed controls that leave the organization non-compliant. Organizations can get a head start on finding the right cybersecurity controls before the rush to make a deadline.
Most sophisticated attacks start with a phishing email, so stopping these emails from reaching the recipient is key to good cybersecurity. You shouldn’t rely solely on email filters, but they greatly reduce the risk of ransomware, malware, and other sophisticated attacks. Emails flagged as suspicious are sent to a quarantine storage section of the environment for review. Administrators review the email content and either identify an ongoing attack for investigation or flag the email as a false positive and pass it to the user’s inbox.
Content filters also help stop incoming phishing attacks. Sophisticated attacks might trick users into clicking a link to an attacker-controlled web page. This web page downloads malware to the user’s device, where it can deliver its payload. In many cases, the payload is ransomware used to encrypt files and extort businesses for large payments. It’s impossible to decrypt the files without the private key, so businesses are forced to either pay the ransom or restore data from a valid backup.
Educating users to identify phishing is also useful, but it still often fails, so email and content filters are a more viable failsafe should users fall for an attack. Attackers might use social engineering in addition to phishing, which has been effective against even the most secure organizations.
TitanHQ has both email and content filtering systems proven to intelligently stop attacks. Check out our email protection and filtering products and our WebTitan DNS content filtering system.