Cybersecurity Compliance For M&A Deals And The Changing Regulatory Landscape With Steven Teppler

In this episode of CHATTINN CYBER, Marc Schein interviews Steven Teppler, co-chair of the cybersecurity and privacy practice of Sterlington. He is also an Adjunct Professor at Nova Southeastern University Shepard Broad School of Law. Before joining Sterlington, Steven was the Chair of Mandelbaum Salsburg’s Privacy and Cyber Security Practice Group. He is an ISACA certified CDPSE (Certified Data Privacy Solutions Engineer) and has been involved in cybersecurity and electronic discovery matters for over 20 years.

Sterlington’s work primarily revolves around private equity and family firms. With a strong litigation department, they also perform transactional work. Steven is involved in developing cybersecurity and assessing cyber risks for clients.

During their conversation, Steven and Marc discuss M&A transactions, the changing cyber regulatory landscape, and mitigating risks on the buy-side and sell-side of the market.

Steven explains that an M&A (merger and acquisition) is a transaction involving both purchase and sale. Both parties undertake a certain amount of due diligence in the purchase-sale environment; there are considerations on both sides with serious implications for liability. Therefore, risk evaluation pre- and post-acquisition is necessary for private equity companies. The same principles apply regardless of the type of transaction (mergers, acquisitions, leveraged buyouts, management buyouts, tender offers).

Also, the regulatory landscape in cyber risk is changing fairly dramatically. For instance, if an M&A transaction involves a health care entity that handles personal health information and a latent or late-discovered HIPAA problem surfaces, such as a late-discovered exfiltration that violates the Privacy Rule, it could lead to escalations to several regulatory compliance departments.

There should be a baseline security level on the sell-side, so you’re not selling something that can put you into liability or potential liability on the buy-side. You also need protection on the buy-side to get certain representations and warranties from the seller; they ensure you have adequate insurance. You might also want to perform a cybersecurity risk assessment on the proposed acquisition to avoid warnings or trouble later.

Steven explains that cyber diligence should begin at the very outset, because just like any other managed service provider, depending upon the interplay between the private equity company and the portfolio company, there will be an interchange of managed service. Protecting that information is necessary. Any private equity company needs to ensure that its subsidiaries, holding companies, or portfolio companies are equally protected, depending on the type of industry or service they provide.

To conclude, Steven advises avoiding cyber risks, starting with the basics: do not call a number or tap on any unknown link, and be conscious. Abide by cybersecurity tips at all times.

Highlights:

“In any purchase and sale environment, there is a certain amount of due diligence that has to be undertaken by the parties. And whether you are a buyer or seller acquisition or the acquired, there are considerations both on the sell-side as well as on the buy-side that can have very, very, very serious implications for liability.”

“Cybersecurity is part of a business. It’s part of your business functionality.”

“Having a protecting on the buy-side means that you get certain representations and warranties from the seller, they also make sure that you have the adequate insurance, and maybe you want to maybe not even take necessarily the word or the representations of the seller, but perhaps you’ll want a separate assessment and a separate cybersecurity assessment risk assessment done on the proposed acquisition.”

Time-Stamps:

[00:46] – Steven’s entrepreneurial journey

[02:27] – Cybersecurity interplay between M&A transactions

[06:47] – The changing regulatory landscape and its effect on M&A transactions

[12:17] – Get in touch with Steven

Connect with Steven:

LinkedIn: https://www.linkedin.com/in/steventeppler/

The Role of Managed Service Providers for Cybersecurity with Thomas DeMayo

In this episode of CHATTINN CYBER, Marc Schein interviews Thomas DeMayo, Principal in the Cyber Risk Management group with PKF O’Connor Davies, LLP. Thomas is the lead Cyber Risk Adviser and Auditor for the firm. He is responsible for implementing and designing the Firm’s Cyber Security service offerings, audit programs, and testing procedures. Thomas consults in IT governance, information security, threat and vulnerability management, privacy, and IT compliance. Today, he shares his backstory of getting into cybersecurity and what he’s learned from his journey so far.

Even as a kid, Thomas had a fascination for computers. After graduation, he ended up taking a job in network engineering at PKF O’Connor. Later on, he was asked to check on the firm’s systems, IPS, and calculations. That led him to shift to cybersecurity. And around 2006-2007, he already had clarity on what he was supposed to do going forward.

Thomas talks about the client benefits of partnering up with someone who has both cybersecurity resources and tax intellect. They can advise clients on a more cyber-specific path and help control their program. That’s invaluable to a lot of clients.

Towards the close of the conversation, Thomas talks about the future of a hybrid work environment. Hybrid working may or may not persist for a long time. But it is something that is not going to go away any time in the near future.

Quotes:

“Even as a kid, I was kind of always fascinated with getting the computer to do what I wanted.”

“We are those trusted advisors who are able to come in and say, yes, we can help you, we could advise you on a more cyber-specific path and help you control your program. That’s invaluable to a lot of clients.”

“When we’re helping them, we’re advising them on what they need, and that’s what matters; that’s the key thing.”

“You have to challenge them to make you understand what their cybersecurity program is, or at least ask them, show us what your basic cybersecurity policy looks like. I think that’s going to start to help you understand you even have a level of formality.”

“As the world wakes up and really starts to focus on this, they’ll start to look at that supply chain risk.”

“Some businesses based on their business model will realize that this really does work. Our employees are happier and are still productive; we don’t need to be in the office to do certain things.”

Time-Stamps:

[01:43] – Thomas explains how he got into the field of cybersecurity.

[03:58] – The benefits of partnering up with someone who has both cybersecurity resources and tax intellect.

[08:33] – Reasons why more clients are engaging in services related to cybersecurity.

[10:10] – Questions clients should be asking their Managed Service Provider.

[13:25] – Where do you see this hybrid work environment going in the next 18 months?

Connect with Thomas: 

LinkedIn: https://www.linkedin.com/in/thomas-demayo-002bbb71

Website: https://www.pkfod.com/people/thomas-demayo/

Email: tdemayo@pkfod.com

Cybersecurity For M&A Deals With Steven Kuperschmid

In this episode of CHATTINN CYBER, Marc Schein interviews Steven Kuperschmid, Co-Chair of Cybersecurity and Data Privacy at Ruskin Moscou Faltischek PC. Steven is experienced as a corporate M&A and securities lawyer. During the conversation, Steven shares his knowledge about cybersecurity in M&A deals, how (or whether) it impacts contracts and the different phases to setting an effective buyer-seller deal. He also talks about the growing need for cyber insurance in different industries today.

At what point does cybersecurity integration happen within an M&A deal? Steven explains that it depends on the nature of the target’s business. For the middle and upper-middle markets, like manufacturing and distribution, industrial technology, financial services, and healthcare, cybersecurity needs to be a priority. You must know whether the target business has Personally Identifiable Information (PII) – if so, cybersecurity needs to be prioritized irrespective of the industry.

However, cybersecurity doesn’t change deal structures. A deal structure is often chosen for tax reasons and to mitigate the buyer’s risk; cybersecurity is a far bigger problem than the signed contract.

As for the signing of a deal, there are different phases:

  • The discussion phase, where the buyer assesses the value offered by the seller and considers the different risks that might exist.
  • The buyer then assesses the business from a technology point of view, evaluating the seller’s internal policies and cyber hygiene.
  • Lastly, a buyer does a lien search, looking at the lien report to gather more information about the buyer and their underlying debt instruments.

Further in the conversation, Steven covers cyber insurance, explaining its relevance and importance in the cybersecurity industry. Having a good grasp of cyber insurance can ensure the buyer benefits from it during a data breach.

Listen to the conversation for more details!

Highlights:

“Often, deal structure is chosen for tax reasons. But also, it’s chosen to mitigate risk to the buyer. So you may choose an asset deal, because you don’t want to incur any unknown liabilities that you can avoid by choosing an asset structure.”

“I think the first thing the team needs to look at is the nature of the target, what’s the target’s business, you know, certain industries present greater risks than others. So if we were buying a company in the healthcare industry, or the financial services industry, it should be a huge focus, and usually is at this point now, now, four years ago, five years ago, maybe it wasn’t as big a focus as it is today. But in those industries, it should be a huge focus.”

“Every deal starts with a discussion of the business terms – the value of what’s being paid, how it’s being paid.”

Time-Stamps:

[00:53] – Steve’s path to becoming one of the most well-known privacy attorneys in Long Island

[10:47] – Does cybersecurity change different deal structures?

[14:29] – The different phases of a buyer-seller deal

[17:19] – A discussion on cyber insurance

Connect with Steven:

Website: https://www.linkedin.com/in/steven-kuperschmid-024375155

Cybersecurity Risk Assessment For Clients With John Jenkins

In this episode of CHATTINN CYBER, Marc Schein interviews John Jenkins, Senior Editor and Law Firm Partner at TheCorporateCounsel.net and Calfee, Halter & Griswold LLP. During the conversation, John explains his journey to heading one of the most regarded M&A news centres in the US, cybersecurity risk assessment, and effective client management.

Discussing the issues to be addressed in the negotiation of M&A agreements, John explains how smart buyers, from the outset, would be already invested in assessing the post-closing issues, integration, operations, handling contacts and the like. Depending on the nature of the transaction and the parties’ sophistication, different professionals are assigned to clients to handle the cybersecurity assessment. In addition, when dealing with large firms with data breaches in the past, a separate team of forensic consultants is assigned to better understand the client’s needs.

Cybersecurity assessment needs to be front and center for every buyer and seller. To win buyers, sellers need to showcase an infallible track record. To assess a company in a limited period, you would have to perform a risk assessment and then suitably allocate resources. Unless you do a risk assessment at the outset, resource allocation might not be clear.

Further in the conversation, John explains the latest trends in sealing deals. As he shares, there’s been an increase in deals engaging reps and warranties coverage over the years.

Towards the close of the episode, John shares that cybersecurity assessment is part of a dynamic regulatory environment. Over time, it’s only going to get more complicated for both parties (buyers and sellers) to scope the issues early on in any potential transaction.

Listen in to get a detailed picture of cybersecurity risk assessment with clients.

Highlights:

“What’s the environment we’re dealing with here? How sophisticated is the seller, where its risks, what are its compliance environment?”

“If you’re a cyber person, that’s where you look. But you may have competitive situations where your due diligence opportunities are going to be somewhat limited and targeted, you’re to get through to next rounds, you may have some more confirmatory due diligence at the end.”

“So you have to do a risk assessment, and you kind of have to allocate resources based on your assessment of the risks, and obviously, the more sophisticated the risk assessor is, the better off that that process can be. So, it is something that needs to be done at the outset. Because unless you do it at the outset, you’re not going to be able to engage in a really fully informed risk assessment process to allocate those resources.”

Time-Stamps:

[01:00] – John’s cybersecurity journey

[02:15] – Cybersecurity and M&A transactions

[09:44] – Front end, Back end, and Due diligence evaluation

[11:58] – Is there an increase in deals engaging reps and warranties coverage?

Connect with John:

Website: https://www.linkedin.com/in/john-jenkins-7449761b3/?trk=public_profile_browsemap

The Threat To Global Cybersecurity Due To The Russian Invasion Of Ukraine With Cory Simpson

In this episode of CHATTINN CYBER, Marc Schein interviews Cory Simpson, a legal advisor, adjunct professor, national security expert, and public policy pioneer. Cory has over two decades of experience advising the most elite organizations in the American military, Congress and Fortune 100 companies on cybersecurity, counterterrorism, emerging technologies and geopolitical risk. He discusses with Marc the state of cybersecurity pre and post-Russian invasion of Ukraine and how to prepare for any risks that might arise in the near future.

The cybersecurity environment pre-invasion was described as VUCA—Volatile, Uncertain, Complex, and Ambiguous. It existed in a context where our political or economic internationalist security spaces were converging and was insecure in its standing.

The illegal invasion of Ukraine is causing economic warfare, and Cory predicts that financial institutions will be targeted robustly; hence, cybersecurity would have to be strengthened in such organizations. But he also adds that large-scale systemic losses might not be observed.

As of the present, Russia appears to be in a problematic situation domestically in terms of enduring starvation and facing higher living costs. A large reason why Ukraine is more transparent about the situation in its country than Russia is Russia’s war crimes against the former. Russian forces are seen to have besieged cities, surrounded them with artillery and armor, cut off all supplies, and then indiscriminately bombed them until the people were dead. The media in Ukraine is taking deadly risks to get news and updates to the rest of the world.

Towards the close of the episode, Cory advises organizations to be prepared to be agile in their plans because they’ll have to adapt to a lot of changes that will happen in the coming years.

For more, tune in to today’s episode!

Highlights:

“If you want to be effective, for the IT/OT, it requires knowledge… physical knowledge of the facility, and that relationship between the IT and the OT, it is hard to do, to get that physical knowledge in the United States, it is probably easier to do in Eastern Europe, where it is known that more Russian actors are doing human intelligence on the ground.”

“I think some of the access and placement of the Intel entities will probably be leveraged in the days and months ahead to inflict harm, but I don’t know how much more replacement access they can get once they’ve burned that, because I think they’re just going to be so overwhelmed with other issues.”

“I think we all need to be prepared to be agile in our organizations and in our plans, because I do think we’re going to be asked to adapt to a lot in the environment.”

Time-Stamps:

[01:00] – Russia’s invasion of Ukraine and the associated geopolitical and cyber risks

[07:52] – How likely are we to witness a large-scale systemic type of loss due to cyber attack?

[11:23] – Russia and Ukraine’s stance on sharing their message with the rest of the world

[15:03] – Get in touch with Cory

Connect with Cory:

Website: linkedin.com/in/cory-s-simpson

Why Every Organization Needs A Crisis Communication Wing With Jamie Singer

In this episode of CHATTINN CYBER, Marc Schein interviews Jamie Singer, Managing Director at FTI Consulting and formerly Executive Vice President at Resolute Strategic Services and Resolute Public Affairs. She is an experienced strategic communications advisor with deep expertise in crisis communications, and has counseled Fortune 500 companies through some of the biggest reputational crises of the past decade. During the conversation, Jamie and Marc explore the need, process, and tips for effective crisis communication in organizations.

Crisis communicators are partners to legal and breach counsel. The latter engages them in a tri-party agreement to protect privilege, helping them act as an interplay and an ongoing dialogue for risk mitigation.

When must an organization have a crisis or strategic communication with an expert? Jamie Singer explains that strategic communications need to start early when an organization engages with its forensics firm and insurance carrier. This is partly due to the increasing number of ransomware cases organizations face today (both internally and externally), rendering their systems inoperable for operations.

However, communicating a data privacy breach or incident to clients or the media should happen only after careful thought and investigation, because the cyber world is fluid: information and facts change quickly. It’s possible that by the time you have communicated an incident, the positions have changed and the risks have been mitigated, but by then organizational trust would already be in jeopardy. Organizations must be careful about the cadence and timing of reporting such incidents.

It’s all easy until the media comes into the picture. With the internet always up-to-date with the recent advancements in any space, cybersecurity traders and bloggers are also the first to break any reports of security breaches in organizations. The nature of the news, however, is often ‘report and move on to the next’, a fact that organizations can leverage. Jamie Singer explains that companies can use media to get their key messages to the key stakeholders through written statements (and not live interviews, as they might backfire).

What can organizations do to mitigate cyber risks and reduce cyber incidents? Work on the communications aspect – consider your communications protocol, review and improve messaging. It includes finding a way to communicate even when corporate emails are unavailable.

For more, tune in to today’s episode!

Highlights:

“A common pitfall we see is companies saying too much and too quickly – Crisis Management 101 – you should communicate the minute something went wrong as transparently as possible. The problem with cyber is, investigations are quite fluid, information and facts change frequently. And so the early bird doesn’t always catch the worm in these situations, if you communicate too quickly, before your systems are remediated, or before you have all the facts that can actually erode trust.”

“There’s often a lot of focus on what we say to customers and media and external stakeholders, but we continue to see the employee audience being forgotten, and they shouldn’t, because they wear two hats there, they could be impacted by the incident and they interface with customers. So they need to know what’s going on.”

“We approach media typically as a transaction, how can we use media to make sure we are continuing to reiterate our key messages to our key stakeholders, and often that can be accomplished through written statements.”

Time-Stamps:

[01:55] – When must an organization have crisis communication?

[03:21] – Why you must think before communicating with the rest of the world about a potential (or observed) data security breach

[06:19] – Managing the media in the event of a cybersecurity threat

[08:02] – What can companies do to be better prepared in the event of a cyber incident?

Connect with Jamie:

Website: https://www.linkedin.com/in/jamie-singer-11a3bb13/

Cybersecurity Protection for Cyber Insurance: An Interview with Maria T. Vullo

In this episode of CHATTINN CYBER, Marc Schein interviews Maria T. Vullo, Founder and CEO of Vullo Advisory Services, PLLC, a strategic advisory firm. She serves on several for-profit boards, is Regulator-in-Residence at the Fintech Innovation Lab, and is an Adjunct Professor at Fordham Law School. She was formerly New York’s Superintendent of Financial Services, responsible for managing a 1,400-person regulatory agency that supervises New York’s banking and insurance industries. Maria has extensive banking and insurance regulation expertise, BSA/AML compliance, an understanding of cybersecurity and data privacy, fintech and insurance, and strategic litigation.

In today’s episode, Maria discusses her insightful career in DFS, working in private law and consulting practice later. She shares her experience working with private and public sector institutions and how both have added to her expertise in the law.

Maria talks about finalizing the DFS Proposed Regulations Part 500 (Cybersecurity Requirements for Financial Services Companies) in 2017 and its significance. Not only was it a big deal in cyber, but it was the first in the nation at that time and is still a leading force in cybersecurity regulations. Maria adds that DFS has a huge responsibility in helping manage cybersecurity risks. It is responsible for the safety and soundness of all the banks and insurance companies that are state-chartered. Since any cyber risk could also create a potential financial risk to them, the DFS had to take steps to consider cybersecurity seriously.

The government plays a huge role in combating cyber risk or ransomware. After the ‘SolarWinds hack’, the largest global cybersecurity attack that happened recently, the federal agencies and governments passed a pervasive executive order asking all private and public agencies to bring a unified approach to handling cybersecurity issues.

The New York State Department of Financial Services (NY DFS) recently issued new Ransomware Guidance for regulated companies to prevent successful ransomware attacks. This followed the realization that 74 of its regulated institutions had suffered ransomware attacks, 17 of which needed to pay the ransom.

We also discuss the world of FinTech pre and post COVID and why insurance suffered in these times. Maria explains that in financial services, consumer protection will be a big issue for the Biden administration. Virtual currency is another central area of regulation considering its global reach.

Maria closes the conversation by stating the massive role of cybersecurity protection in enabling cyber insurance. It will continue to grow in importance in the coming years!

Quotes:

“If you have a significant cyber cybersecurity attack, that’s a financial attack and you have a ransomware attack that stops your business, has a huge impact, if not a closing impact on your bottom line.”

“DFS as a regulator is very, very concerned with the financial soundness of banks, insurance companies, because there’s all these people out there that rely on financial services for their banking for their insurance policies.”

“The more that you follow the regulation, the more that you have security and everything else, the less likely it will be that you will suffer one, or if you do, there’ll be mitigation measures that won’t have as serious an impact.”

“Cyber insurance is such a critical issue for all companies. And I think that it goes hand in hand with cybersecurity protection.”

“The stronger your cybersecurity protections, the better able you are to get a good cyber insurance policy.”

“The last thing that I want to see as a former insurance regulator is for insurance companies to not be in the space or for the pricing to be such that people can buy cyber insurance.”

Time-Stamps:

[00:57] – Maria’s experience working with both private and public sectors and how both of them helped her build a strong career in law.

[02:52] – About the DFS Proposed Regulations: Part 500 – Cybersecurity Requirements for Financial Services Companies

[05:17] – New Ransomware Guidance for regulated companies on preventing successful ransomware attacks by the DFS

[07:43] – The role of government in combating cyber risks

[10:32] – Fintech today

[13:00] – The regulations around virtual currency today

[15:58] – Maria’s parting advice for the listeners

Connect with Maria:

LinkedIn: https://www.linkedin.com/in/maria-t-vullo-b40a7258/

Regulatory Compliance In Cybersecurity And The Practices To Mitigate Cyber Risks With Jennifer Coughlin, part 2

In this episode of CHATTINN CYBER, Marc Schein interviews Jennifer Coughlin, Founding Partner at Mullen Coughlin, a law firm exclusively dedicated to representing organizations facing data privacy events and information security incidents and the need to address these risks before a crisis hits. Jennifer focuses her practice solely on providing organizations of all sizes and from every industry sector with first-party breach response and third-party privacy defense legal services. The second part of the conversation talks about regulatory compliance, investigations and movements, cyber insurance, how to mitigate cyber risks, especially those due to ransomware attacks, and the present and future cyber threats.

On the regulatory front, many new laws and guidelines on cybersecurity are being proposed; regulatory investigations, too, are picking up well. Data shows that while over 30 movements happened in 2021, so far in 2022, 20 have occurred. These indicate:

  1. Increased reliance upon data and information systems
  2. A recognition of the impact of losing access to data and information systems
  3. Uncertainty around what businesses are doing with the massive amounts of data collected
  4. Consumers’ recognition of data privacy
  5. Victim organizations have a ton of data that could help in the fight against cybercrime.

Cyber insurance companies are helping organizations reduce the uncertainty due to cyber risks by setting up a vetted procedure and providing the necessary education to respond to data privacy incidents. With an evolved cyber insurance underwriting, companies can have increased safeguards, better implementation, and response to cyber incidents.

How can your company mitigate cyber incidents? Conduct a data-mapping exercise, considering carefully the data you have on your system, the access controls, cost, loss in the case of security violations, and testing around that. Next, consider Multi-Factor Authentication – it’s a necessity in any company. Mullen Coughlin has a 3-2-1 plan indicative of their practice of keeping 3 backups in 2 different locations, 1 of which is offline.

Before dealing with ransomware attacks, companies need to take the time to understand their contracts, obligations, and responsibilities, so they’re aware of the laws that apply in the case of a cyber incident. Being aware of the timelines and laws could help implement the necessary cybersecurity controls and practices faster.

Additionally, training the employees properly about healthy cyber practices is essential. There needs to be proper learning and reinforcement of cybersecurity practices in organizations.

Towards the close of the episode, Jennifer shares that cybersecurity incidents are not predicted to decrease in the coming couple of years. Job security in the industry appears strong.

Listen to the conversation for more details!

Highlights:

“All these movements (around cybersecurity laws) are indicative of their recognition that victim organizations have a ton of data that would be really helpful in the fight against cybercrime. And they’re not getting their hands on that. So under all of these movements, they’re talking about sharing more information with them. So that when these laws are crafted, when these government meetings are happening, they have additional information that can be really helpful to the conversation.”

“The cyber insurer has already figured out the call you make to set into motion, to ring the bell that is going to set into motion everything that needs to be done to efficiently and compliantly respond to these data privacy incidents; they’ve identified the resources that are needed to do so, they vetted these resources that are needed to do so.”

“Vulnerabilities are being identified all the time, you’ve got zero day exploits being identified, you need to make sure you have a patch management program so that you’re monitoring for patches issued for vulnerabilities, assessing whether or not those patches need to be applied to your system and making sure those patches are being applied to your system.”

Time-Stamps:

[00:45] – What’s going on in the regulatory front of cybersecurity?

[03:34] – Insight into the plaintiff’s bar

[10:59] – Reducing or mitigating a potential cybersecurity incident

[20:49] – Cyber risk prediction for 2022-23

Connect with Jennifer:

Website: https://www.linkedin.com/in/jennifer-coughlin-59b81425/

Top Three Cybersecurity Threats And The Industries Most Affected With Jennifer Coughlin, part 1

In this episode of CHATTINN CYBER, Marc Schein interviews Jennifer Coughlin, Founding Partner at Mullen Coughlin, a law firm exclusively dedicated to representing organizations facing data privacy events and information security incidents and the need to address these risks before a crisis hits. Jennifer focuses her practice solely on providing organizations of all sizes and from every industry sector with first-party breach response and third-party privacy defense legal services. In the first part of the conversation with Jennifer, we explore her journey to Mullen Coughlin, the top three cybersecurity threats organizations have faced in the past couple of years, and a detailed analysis of the industries most prone to the attacks.

Jennifer got into cybersecurity after John Mullen suggested the same to her decades ago, even before he got his first cyber case. They started their own cybersecurity firm Mullen Coughlin, which recently celebrated its fifth anniversary. Beginning with 13 attorneys, Mullen Coughlin expanded itself over the years and now has a team of 95 attorneys involved in data privacy and cybersecurity counseling. It is the largest privacy law firm in the US.

Cybersecurity breaches and vulnerabilities have increased in the recent decade. Jennifer lists the increase in incident response matters as follows: in 2019, they had 2350 incident response matters, which grew to 3551 in 2020 and 3954 the following year. These numbers do not include regulatory defense, litigation defense, and compliance.

The top three kinds of threats Mullen Coughlin has handled in the past couple of years have been ransomware attacks, business email compromises, and third-party events.

As Jennifer draws in from her organization’s reports, victim companies paid the attackers due to either of the following reasons:

  • The threat actor deleted the data, and the victim organization didn’t have backups because they were encrypted.
  • Or the victim organization had backups, but obtaining the key was quicker for restoration purposes.
  • 26% of the time, payments were made only for key and delete purposes.

As statistics from 2020 show, only 25% of organizations paid the attackers a ransom. The other 75% chose to take the risk because they did not find it worth paying for a promise from a threat actor. The percentage of organizations making payments for ransomware attacks fell further to 18% in 2021, indicating considerable progress in cybersecurity.

After assessing the likelihood of different industries being hit with cybersecurity threats, Jennifer breaks them down into 10 categories. As per her reports, in 2021, the top 10 industries affected by cybercrime (from the highest percentage of cases to the lowest) were as follows:

  1. Financial and Professional services
  2. Manufacturing and Distribution
  3. Healthcare and Life Sciences
  4. Technology
  5. Hospitality and Entertainment
  6. Education
  7. Government
  8. Non-Profits
  9. Energy
  10. Others

Compared with the reports from 2020, the Manufacturing and Distribution industry remained in second position. Evaluating the possible reasons for the consistently high levels of cyber threats in the industry, Jennifer says it could be because of inconsistent deployment of cybersecurity practices in organizations and a lack of thoroughness about cybersecurity safeguards, laws, and regulatory compliance procedures.

What do the threat actors do with the acquired data? They publish it on the dark web or sell it.

Listen to the episode to get detailed insight into the explained cybersecurity threats and figures!

Highlights:

“We are as successful as we are because of every single person on our team. And we recognize that everybody recognizes that they are valued, and they are part of helping organizations through these really scary events, defending them in regulatory investigations and litigation and also helping them be better before they experience (cybersecurity threats).”

“Just because data is taken and you pay for a promise of deletion from the threat actor doesn’t mean if there’s protected data in that exfiltrated data, you get to absolve yourself of having to notify under the laws that apply to you. You still have to notify, even though you’re getting a promise from a threat actor, it’s never going to be enough for a regulator when you find out you didn’t notice.”

“We’ve seen ransomware really evolve over the past few years. And it’s evolved to a point where threat actors realize if they exfiltrate data, they will be able to put more pressure on the organization to pay, because, one, the organization needs access to their data, and two, they don’t want to experience potential reputational harm or damage if their data is leaked out on the dark web.”

Time-Stamps:

[00:53] – Jennifer’s way into cybersecurity

[03:43] – Why is the percentage of organizations paying ransom to threat actors low?

[10:36] – The organizations most prone to cyber attacks

[17:05] – Why the Manufacturing and Distribution industry continues to remain at the second position for the percentage of cyber threats faced

 

Connect with Jennifer:

Website: https://www.mullen.law/people/jennifer-a-coughlin/

Why Accounting, Disaster Recovery and Incident Response Are Critical In Any Organization With Ted Carlson

In this episode of CHATTINN CYBER, Marc Schein interviews Ted Carlson, Co-Founder and President of Marcum Technology, a renowned Information Technology Consulting Firm in the US. During the conversation, Ted and Marc explore the former’s journey into consulting and technology, Marcum’s service and client diversity, and some thoughts on ransomware attacks.

Marcum Technology is essentially an accounting firm, with technology being its core driver. In addition, the firm offers robotic process automation, business continuity, disaster recovery, and incident response through digital forensics. Ted explains how the company helps organizations prevent ransomware incidents by using parallel networks, adequate backups, and strong infrastructure. He adds that depending on the severity of the attack, the recovery process could vary. Firms should practice testing and rehearsal to ensure business continuity during an attack.

Drawing lessons from his entrepreneurial journey, Ted explains why you shouldn’t hesitate to chase your passion. Though taking advice from people can help sometimes, it’s essential to do what you enjoy, because that is what will produce better results down the road. He also explains why you might not want to spend years shifting and switching jobs only to choose another path later: it would be challenging to restart your career 20-30 years later. Don’t let people hold you back from living your dreams.

Tune in to the episode to learn what it takes to build a successful career in the rapidly evolving consulting industry.

Highlights:

“Whenever there’s a merger or acquisition, we’re basically stripping off the technology components of those firms. And we’re kind of blending them into the Marcum Technology division.”

“You can take certain advice from people, but you really, at the end of the day, have to do what you enjoy, and (do) whatever you feel confident, and that will produce better results down the road.”

“Whatever interests you have, and whatever excites you, I would say, don’t wait, because a lot of people end up waiting and switching during career changes 20-30 years later. And, it’s not that easy to do.”

Time-Stamps:

[00:41] – Ted’s entrepreneurial journey

[01:22] – Advice for college students to chase their passion

[04:18] – More about Marcum

[05:19] – How to prevent ransomware incidents in companies

Connect with Ted:

LinkedIn: https://www.linkedin.com/in/ted-carlson-14977a18/