Early research from Check Point Solutions indicates cyber attacks increased 38 percent in 2022. Software vulnerabilities, remote work, hacker sophistication, and increased business applications and attack surfaces all contributed to the rise.
Relativity’s network of certified partners work daily in the fields of breach and cyber attack response. They help their clients identify breaches, pinpoint affected data, and establish an appropriate and compliant response—as well as prevent future breaches.
As your organization arms itself against—or, in a worst case scenario, falls victim to—an attack, that sort of expertise is just the thing you’ll need to gather. So we’ve done a bit of the footwork for you by gathering advice from our partners.
Here’s what we learned.
#1: Keep in mind that attack vectors are always evolving.
Cyber threats continue to evolve with threat actors' changing business models to take advantage of emerging technologies like artificial intelligence, natural language processing, and low code/no code automation. Factor in the change in ransomware operating models, more frequent use of double-ransom tactics, and exfiltration of databases—in addition to personal data and the growing bevy of data privacy laws and regulations in the US and globally—and you get a significant amount of organizational risk that needs to be mitigated.
– Brian Wilson, Managing Director, BDO USA, LLP
#2: Be prepared for regulatory bodies to expect more both pre- and post-incident.
Data regulators are taking a more active interest in how the challenge of breach notification is managed from a technical and legal perspective, to ensure that organisations are efficient in their response to affected companies or individuals and the assessment of risk is balanced. It is likely that the use of technology (such as Relativity) will be embraced as an essential component in how organisations meet their regulatory requirements for breach notification. As external economic factors put businesses under pressure and cyber attacks and data breaches continue their momentum, we may see regulators becoming frustrated by those who don’t prepare adequately and respond in a timely manner. They could turn their focus to assessing the preparedness of an organisation and be less forgiving of those who are not organised in their incident response.
– Martin Nikel, Associate Managing Director in the Cyber Risk Practice, Kroll
If (read: when) a cyber attack occurs, expect people to scrutinize your preparations. Woe to anyone who hasn’t implemented processes minimizing your unused or old data, and confirmed with the forensic and data mining vendors covered by your cyber insurance that you are doing all you can to prevent an attack, limit exposure if one occurs, and prepare for a fast and appropriate post-attack response. A cyber attack is bad enough, but errors caused by inadequate preparation will make an unfortunate event excruciating.
– Bhanu Relhan, Managing Director, e-Discovery and Document Review, Elevate
#3: Educating people—and embracing collaboration—are key.
Cybersecurity is not simply an IT issue. It poses a considerable business risk with far-reaching financial, legal and reputational consequences. Consequently, all organisations must allocate adequate resources and implement a comprehensive cybersecurity strategy that includes regularly updating systems and software, training employees, and conducting risk assessments.
– Murali Baddula, Chief Digital Officer, Law In Order
Don’t fall victim to a false sense of security. At every level of technical competency, we must know our limitations and understand that while the tools we use might make us feel safe, there are often workarounds or bugs that present opportunities for threat actors to exploit. It is not sufficient to implement security tools and call it a day. Educating those using the tools about what they are specifically offering and how to remain cognizant to their deficiencies helps maximize the benefits of the tool and moves organizations beyond a false sense of security.
– Jordan Rae Kelly, Head of Cybersecurity, Americas, FTI Consulting
Cybersecurity is not just the responsibility of a single individual or department. It’s a team effort involving the entire organisation.
– Murali Baddula, Chief Digital Officer, Law In Order
#4: Enlist experts to augment your strategy.
Outsourcing certain aspects of cybersecurity, such as managed security services, can ensure access to specialized expertise and the latest technologies.
– Richard Peters, Managing Director, Berkeley Research Group
Page One routinely helps on breach matters. We have a workflow for quickly ingesting all potentially affected data and searching for breached materials. The materials can also be reviewed to compile a listing used for notification.
– Andrew Milauskas, Vice President of eDiscovery, Page One Legal
We are all on the frontier of security risk and take responsibility to coach our clients on best-practice behaviors to minimize the ever-growing spectrum of digital threats.
– Rebecca Grant, Executive Director, icourts
#5: Taking proactive measures pays off.
Insurance
Transferring some of the risk to third parties such as Insurance carriers can help, and strategically deploying technology tailored to meet specific risks can provide the best overall solution.
– Brian Wilson, Managing Director, BDO USA, LLP
Disaster Recovery Plan
Don't underestimate the importance of having a disaster recovery plan—it can mean the difference between quickly bouncing back from a cyber attack or facing long-term consequences.
– Richard Peters, Managing Director, Berkeley Research Group
Data Mapping & Access
Leading practice is to leverage technology to inventory and manage access to confidential information and personal data within the corporate estate, but that can be a heavy cost for some organizations and financially devastating for others.
– Brian Wilson, Managing Director, BDO USA, LLP
Penetration Testing
Proactive measures, such as regular vulnerability assessments and penetration testing, can identify and remediate potential threats before they can be exploited.
– Richard Peters, Managing Director, Berkeley Research Group
#6: Research your vendors.
At Law In Order, choosing the right e-discovery software and services is critical for us and for our clients. Our dedicated cybersecurity team evaluate the security measures and practices of our e-discovery software partners, along with their cloud-based e-discovery services. This includes vendors security and privacy impact assessments.
– Murali Baddula, Chief Digital Officer at Law In Order.
At Relativity, keeping our users’ data safe is a top priority—and we’re humbled by how our partners entrust their work to RelativityOne.
One specifically spoke on this thread:
“From the ability to use multiple identity providers, being able to provide our clients with the policies to meet their compliance needs, or the ability to have the Security Center tell us about persistent threats, we believe RelativityOne has the most comprehensive security stack in the industry.”
– Stephen Ehrlich, CIO at The MCS Group
To learn more about how seriously Relativity takes security, visit this page.
Cyber attacks will not be defeated overnight. In fact, the forecast looks downright awful. And as cyber incidents continue to evolve, regulatory bodies will continue to expect mature preparations and responses.
Educating workforces and consulting experts are key actions organizations must use to mitigate the impact and fallout of a potential attack. From there, discrete activities like purchasing insurance, mapping data, and performing regular penetration only improve your organizations security posture.
Graphics for this article were created by Natalie Andrews.
