Key Insights for Businesses Regarding Cyberattacks
Most business leaders already understand the devastation a cyberattack can have on an organization. As a matter of fact, a study by Accenture called The Cost of Cybercrime demonstrates that 68 percent of business leaders feel their cybersecurity risks are increasing. There’s good cause for this given that the same report shows the number of cyberattacks is increasing and take longer to resolve, pushing the cost of cybercrime ever higher. In just the last year, the Accenture study shows an 11 percent increase in cybercrime over the previous year and there’s been a 67 percent increase in cybercrime in the last five years.So how can modern businesses, especially those with fewer resources, protect themselves from such bad actors? There are several steps to cybersecurity business leaders can take to ward off malicious individuals. Below you’ll find the key insights to help you take measure of your company’s cybersecurity. By regularly assessing the security of your business data through the following steps, you can steer your company clear of cyberattacks that could cost thousands of dollars in lost time and revenue, recovery measures, and damage to its reputation.Understanding the Cost of a BreachBusiness leaders, especially those with small to medium businesses (SMBs), often have a false belief that they won’t be targeted and cannot afford proper cybersecurity. The fact is that many people fail to understand the hidden costs of a breach so they don’t realize the value behind employing cybersecurity measures upfront.Besides the obvious cost of data theft following a cyberattack, organizational leaders need to be aware that a breach can lead to regulatory issues and litigation. For example, if a small medical practice is hacked and personally identifiable information (PII) and health information are exposed, these are serious privacy violations that could lead to sanctions and fines by the government. Beyond that, patients could file a civil suit against the office costing endless amounts of money in legal fees and time.In addition to data about people, your business likely has proprietary information known as intellectual property (IP). It is the unique IP that makes each business special and differentiates it from competitors. Consider the work of a defense contractor, for example. The IP behind new weapons and defense technologies are what keeps the business moving ahead and competitive in its market. If that information is stolen and disseminated to the wrong people, not only could it destroy the business itself, but it could put our nation at a distinct disadvantage if we engage in a war with a country that has stolen our secrets.The white paper Beneath the Surface of a Cyberattack: A deeper look at business impacts by Deloitte shows that the loss of such IP is just one of the hidden costs of a cyberattack. Following a breach, your business may take a hit on its reputation, devaluing your business’s trade name and experience lost contract revenue as a result. When it comes to IP that contains trade secrets, proprietary knowledge, and even drawings and renderings, the true cost may not be quantifiable. With this in mind, your company has a real obligation to share what has been stolen and the potential impact of the loss with investors, stakeholders, and shareholders as soon as possible. Additionally, you will need to address the recovery of data and resume operations as quickly as possible to avoid further downtime.Time is of the EssenceWith a breach and the loss of data, your company will need a plan in place to bounce back quickly. This is why backing up IP and other data is so imperative. At ORAM Corporate Advisors, we also emphasize the critical need for every business to have a cybersecurity recovery plan in place as well.Malware, which is the most expensive attack type for organizations according to the aforementioned Accenture study, and other software used in cyberattacks is difficult to detect. Cyber theft can go undetected for long periods of time without the business realizing their information is being stolen. According to a study by IBM, the average time to identify a breach in 2019 was 206 days! With each passing day that goes by and each piece of IP stolen, the company will see its competitive advantage deteriorate.This means employing monitoring and detection software is critical to help identify potential attacks early and swiftly. Additionally, businesses will need to determine quickly what information was stolen while assessing the damage caused by the breach (think in terms of lost PII and IP, damages to customers, regulatory issues, litigation, damage to reputation, lost work time, lost revenue, etc.). During recovery, you’ll also need to check for viruses or other malware that may have invaded your network.During recovery, these steps will achieve two goals: Finding the thieves responsible for the attack and determining how to regain your company’s competitive edge. First, you’ll need to determine who was responsible for the breach and whether your data can be recovered. Your IT will also need to determine if the IP stolen can be blocked from being used to further reduce the damage to your company and clients.Next, consider how you can recapture your business’s competitive edge through modifying the stolen IP and by developing new data. Remember, the more time the cybercriminals behind the breach have had to use the data they have stolen from you, the worse the damage is likely to be. Quick identification of a breach and data theft can add speed to your business recovery and significantly reduce the damage done to your organization. This is why time is of the essence.Forensic InvestigationOnce an attack occurs, it’s vital that a forensic investigation occurs. This will help you determine when the cyberattack occurred, how your system was infiltrated, and what data was stolen. By determining these factors, you can best quantify the impact of the breach and the lasting impact it may have on business relationships, reputation, lost revenue, and trade name devaluation. It can also allow you to identify and pursue the cybercriminals responsible.A forensic investigation will also give you the proof you need to pursue legal action against cybercriminals and those they may have shared your IP with to further mitigate your company’s long-term losses. The United States federal government enacted the Defend Trade Secret Acts of 2016 to allow the owner of a trade secret (think IP here) to sue in federal court when its trade secrets have been misappropriated.Cybersecurity SpecialistsWhen it comes to conducting a forensic investigation, business leaders will need to employ a cybersecurity specialist. ORAM Corporate Advisors, like other data analytics specialists, have the ability to investigate compromised networks to determine what data has been pilfered, identify patterns, and isolate security breaches.Just as you may have heard of law enforcement handling evidence through a chain of custody, the same is done in a forensic investigation for the chain of custody for data. This chain of custody tells cybersecurity specialists what was taken, when, and how. As experienced data specialists, they can determine the hallmarks of internal and external actors. Through analysis of your network, interviews, system traffic, and investigation, they will be able to determine if the breach was conducted internally, externally, or the combination of both.Accountants and financial professionals specializing in forensics who understand IP and its value can also contribute to a forensic investigation. Their perspective on business processes and the competitive marketplace can help to further quantify the damage of a breach. They can also serve as additional expert witnesses in court cases, testifying about the theft and value of the loss and the financial impact of the breach.Advance Protection MattersTaking steps to protect your business and its proprietary information in advance matters. If your company should ever experience a cyberattack and chooses to pursue litigation against the bad actors responsible, you can prove that you took steps to protect your business IP. A defense attorney will often argue that a plaintiff (the company attacked) did not do enough to protect its data. For example, it might be argued that if every employee in a company has access to data, then it must not be a valuable trade secret.Data security goes beyond having a secure network. How your data is maintained, stored, and who has access all determine how secure your business IP really is. For example, if an employee steals information to sell to a competitor, you need to prove that not everyone had easily attainable access to it. This will strengthen your argument in court if the need arises to prosecute an internal thief.Being able to prove that your business has a higher level of security is invaluable, but doing so requires instating the right policies and procedures. Business leaders also need to enact employee protections and put systems in place such as a method for reporting a suspected breach. Everyone from the business owner and chief executive officer (CEO) need to be on the same page in terms of advance protection, ongoing employee training, and how to effectively respond to a cyber threat.Now that you are aware of the serious risks cyber attacks present and the hidden costs behind a breach, you can take the necessary steps to address your company’s cybersecurity. Spending a little money upfront to protect your organization can save it substantial time, funds, and reputation in the face of a cyberattack. By taking the threat of cyberattacks seriously, companies can prepare in advance, monitor systems, enact policies and procedures, train employees, backup data, and have a plan in place for a quick recovery should the worst happen. This can all be accomplished while mitigating risk to the business and protecting its value and competitive edge.To learn more about these key insights into cyberattacks, implementing advance warning and monitoring systems, forensic investigations, and more, contact ORAM Corporate Advisors at (617) 933-5060. We are here to protect your business and its data.