/
Cyber Resilience

3 Keys to Managing the Legal Fallout From Cyberattacks

Andrew Brandt, ESPN business and legal analyst
Andrew Brandt, ESPN business and legal analyst. Image from Sports Agent Blog.

ESPN’s resident legal expert, Andrew Brandt, is synonymous with one simple phrase: There will be lawyers. He’ll tweet it in response to any developing story in the sports world that catches his eye, like Carolina Panthers owner David Tepper throwing a drink at fans from his owner’s box.  

It’s this phrase that inspired Illumio’s latest webinar, a collaboration with legal firm Fenwick and West speaking on the legal consequences of cyber breaches. Michael Sussmann, a cybersecurity and privacy lawyer at the firm, joined John Kindervag, godfather of Zero Trust and Chief Evangelist at Illumio, and Aaron Margolis, Head of Legal at Illumio to share insights on the rarely covered topic of cyberattack legal fallout.

Just as in the world of sports, there will be lawyers.

Here are three key takeaways from their discussion to help you stay prepared for the legal fallout of breach response. You can also watch the full recording here, and get a preview of their discussion below:

1. There’s ROI in proactive security investment

Many organizations are still lagging when it comes to building breach containment strategies that reduce risk and bolster cyber resilience. According to Kindervag’s research, the majority of cybersecurity incidents could’ve been mitigated for far less than the cost of the legal fees associated with the incident.  

“It feels to me like we're penny wise and pound foolish,” Kindervag said, “and we're not thinking about all the costs that could be associated with an attack.”

But investing in proactive security strategies that prepare for the next inevitable breach will deliver ROI next time a breach happens. Sussman and Margolis recommended implementing basic cyber hygiene best practices in addition to security tools that limit network access, contain breaches, and stop lateral movement.

While these strategies may not prevent a breach, they can certainly ensure a breach is less destructive than it otherwise could be — and less costly to remediate legally.

“Being proactive can make the difference between a low-level security vulnerability versus a high-profile breach that becomes mission-critical to the whole company,” Margolis said.

2. Prioritize communication

Breaches can no longer be prevented or detected quickly enough to stop them from becoming catastrophic incidents. Organizations can't expect perfection from their security teams — and CISOs can’t expect that the rest of the organization will understand what their teams needs to build cyber resilience.  

“Speak up when you need resources,” Sussman recommended. “Everyone's out there doing their best in difficult circumstances.”

When a breach does occur, Kindervag noted that bringing in outside counsel can be helpful. Sussman agreed, encouraging organizations to “always” speak with lawyers when a breach occurs. This can help security teams better communicate the breach’s impact to internal and external stakeholders while mitigating any unexpected legal issues that may arise.

3. Investment starts at the top

Kindervag addressed the long-time issue in the cybersecurity industry of procrastination: “Why do companies avoid or delay investing in projects that could help them, like segmentation? Why do we see so many folks saying ‘it costs too much’ when there's so many downsides to not doing the right thing?”

Margolis agreed that many organizations are still focused on outmoded security models that prioritize prevention and detection instead of breach containment. These lead to costly breaches and legal fallout.

“I think the reason that it can be deprioritized is that when we're running the business, there's an incentive structure there that puts a big premium on growth. So a lot of the investment and focus gets put on that,” explained Margolis

However, he does see change happening. In today’s threat landscape, boards are starting to take notice of cybersecurity issues. Security risk is becoming a top business risk to mitigate, and legal teams are increasingly involved in security planning.

“It’s becoming less true over time as cyber becomes more of a strategic imperative,” he said.

“There's less of the procrastination mindset and more of becoming more proactive, and there's a need for cyber expertise within the boardroom.”

Contact us today to learn about how Illumio Zero Trust Segmentation can help your organization build cyber resilience and reduce the risk of catastrophic cyberattacks.

Related topics

No items found.

Related articles

Microsoft Exchange, SolarWinds, Verkada Breaches: Why Security Hygiene is More Important Than Ever
Cyber Resilience

Microsoft Exchange, SolarWinds, Verkada Breaches: Why Security Hygiene is More Important Than Ever

Security hygiene is healthy security behaviours amplified through the implementation of supporting processes and technical controls.

Understanding EU Compliance Mandates Series: Financial Services
Cyber Resilience

Understanding EU Compliance Mandates Series: Financial Services

In Part 3 of this blog series, we explore EU regulations specific to financial services.

Top Cybersecurity News Stories From December 2023
Cyber Resilience

Top Cybersecurity News Stories From December 2023

Learn how to manage amidst a cybersecurity skill shortage, why cyber resilience is tied to ROI, and using ZTS to solve cloud security gaps.

Why There's No Zero Trust Without Microsegmentation
Zero Trust Segmentation

Why There's No Zero Trust Without Microsegmentation

Get insights from the creator of Zero Trust, John Kindervag, on why microsegmentation is essential to your Zero Trust project.

5 Tips for Getting Board Buy-in for Your Cybersecurity Investments
Cyber Resilience

5 Tips for Getting Board Buy-in for Your Cybersecurity Investments

Learn why it's crucial to shift board conversations from cybersecurity problems to enablement, risk, remediation, and quantifiable benefits.

Get Reliable ROI with Illumio Zero Trust Segmentation
Zero Trust Segmentation

Get Reliable ROI with Illumio Zero Trust Segmentation

Today’s hybrid, hyper-connected networks have rendered prevention alone ineffective, Zero Trust containment delivers a better solutions call center ROI.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?