[BreachExchange] How to Potentially Mitigate Post-Breach Cybersecurity Litigation Costs

Audrey McNeil audrey at riskbasedsecurity.com
Fri May 18 20:16:36 EDT 2018


The bill for a data breach on your enterprise can be staggering. The basic
costs of a single security event include hiring cybersecurity consultants
to assess the damage, dealing with the public relations fallout, conducting
the internal investigation, and suffering the lost customers and contracts.

And that only covers the basics of breach remediation; merely informing your
regulators of a data breach can cost your enterprise even more. Yet the
legal fees that your enterprise could accrue in the wake of post-breach
cybersecurity litigation, though often forgotten, can be monumentally
expensive. In the case of the historic Equifax data breach, the charges
from legal fees alone could be in the millions, if not tens or hundreds of

Perhaps this is unsurprising. Post-breach cybersecurity litigation can
involve consumer class action suits and public settlements, individual
lawsuits, and private settlements—not to mention potentially hundreds or
thousands of hours of attorney time.

Is there anything you can do to mitigate the costs of post-breach
cybersecurity litigation? Potentially, yes. Following some key
cybersecurity best practices can possibly help you prove compliance and
reduce liability issues.

Here are a few ideas to potentially mitigate post-breach cybersecurity
litigation costs:

Be Aware of Cybersecurity Risks. Be Prepared.

A key step to both mitigating a cybersecurity threat and future post-breach
cybersecurity litigation is to recognize the most common kinds of cyber
threats that face your enterprise’s industry in particular. These can
include IT environment failures, data-corrupting viruses, cryptojacking
malware, IoT infiltration, or ransomware. Your cybersecurity platform needs
to begin with knowledge and awareness, or it won’t be effective.

As a part of this new awareness policy, your IT security team needs to
conduct a cybersecurity risk analysis to see how your enterprise’s IT
environment stands up to those threats. This risk analysis should seek out
any potential attack vectors and work to limit or eliminate them—whether by
closing discovered security holes or enacting breach prevention and SIEM
threat management solutions.

If possible, hire an outside consultant to perform this cybersecurity risk
assessment. Doing so provides an outside perspective on your IT
environment, and therefore a more accurate understanding of what
vulnerabilities are apparent to outside threat actors. After that, you’ll
know what you should prioritize in your endpoint security, SIEM, and
identity and access management solution selections.

The best way to potentially mitigate post-breach cybersecurity litigation
costs? Prevent the breach from happening in the first place. Granted this
is often easier said than done—no cybersecurity prevention method is 100%
effective—but having proper cybersecurity solutions and policies in place
can help your enterprise reduce its liability in post-breach cybersecurity
litigation. It can help you demonstrate compliance and reasonable
security efforts, which can be a huge help.

Have an Incident Response Plan In Place

An incident response plan is essential for any enterprise in the event of a
data breach. When properly enacted, it helps clarify the chain of command
and channels of communication while a security event is ongoing. Therefore,
an incident response plan can help ensure that affected parties, customers,
legal teams, and shareholders are alerted to a data breach promptly.

Plenty of recent cybersecurity lawsuits have (according to public sources)
fixated on the absence of communications to affected parties from breached
enterprises as an example of neglect. Neglect can be a pretty serious legal
issue, and thus it is in your best interest as an enterprise to avoid such
charges. Making sure your employees know the incident response plan—simply
having one isn’t enough—can help prove that you aren’t negligent in your
cybersecurity. Affected parties, regulators, and investors should be
alerted promptly after a breach is discovered.

Post-Breach Cybersecurity Litigation Common Sense

Again, we can’t give proper legal advice as we are not lawyers. But here
are two facts we can say with certainty: your enterprise more likely than
not will suffer a data breach in the next few years, and the chances of a
data breach will increase if you choose not to invest in cybersecurity
solutions. Taking no steps to prevent a data breach might make your
enterprise look more liable in the wake of a cyberattack, and it may also
spell a compliance issue that can be even more costly.

So maybe it’s time to start preparing?