/
Cyber Resilience

3 Keys to Managing the Legal Fallout From Cyberattacks

Andrew Brandt, ESPN business and legal analyst
Andrew Brandt, ESPN business and legal analyst. Image from Sports Agent Blog.

ESPN’s resident legal expert, Andrew Brandt, is synonymous with one simple phrase: There will be lawyers. He’ll tweet it in response to any developing story in the sports world that catches his eye, like Carolina Panthers owner David Tepper throwing a drink at fans from his owner’s box.  

It’s this phrase that inspired Illumio’s latest webinar, a collaboration with legal firm Fenwick and West speaking on the legal consequences of cyber breaches. Michael Sussmann, a cybersecurity and privacy lawyer at the firm, joined John Kindervag, godfather of Zero Trust and Chief Evangelist at Illumio, and Aaron Margolis, Head of Legal at Illumio to share insights on the rarely covered topic of cyberattack legal fallout.

Just as in the world of sports, there will be lawyers.

Here are three key takeaways from their discussion to help you stay prepared for the legal fallout of breach response. You can also watch the full recording here, and get a preview of their discussion below:

1. There’s ROI in proactive security investment

Many organizations are still lagging when it comes to building breach containment strategies that reduce risk and bolster cyber resilience. According to Kindervag’s research, the majority of cybersecurity incidents could’ve been mitigated for far less than the cost of the legal fees associated with the incident.  

“It feels to me like we're penny wise and pound foolish,” Kindervag said, “and we're not thinking about all the costs that could be associated with an attack.”

But investing in proactive security strategies that prepare for the next inevitable breach will deliver ROI next time a breach happens. Sussman and Margolis recommended implementing basic cyber hygiene best practices in addition to security tools that limit network access, contain breaches, and stop lateral movement.

While these strategies may not prevent a breach, they can certainly ensure a breach is less destructive than it otherwise could be — and less costly to remediate legally.

“Being proactive can make the difference between a low-level security vulnerability versus a high-profile breach that becomes mission-critical to the whole company,” Margolis said.

2. Prioritize communication

Breaches can no longer be prevented or detected quickly enough to stop them from becoming catastrophic incidents. Organizations can't expect perfection from their security teams — and CISOs can’t expect that the rest of the organization will understand what their teams needs to build cyber resilience.  

“Speak up when you need resources,” Sussman recommended. “Everyone's out there doing their best in difficult circumstances.”

When a breach does occur, Kindervag noted that bringing in outside counsel can be helpful. Sussman agreed, encouraging organizations to “always” speak with lawyers when a breach occurs. This can help security teams better communicate the breach’s impact to internal and external stakeholders while mitigating any unexpected legal issues that may arise.

3. Investment starts at the top

Kindervag addressed the long-time issue in the cybersecurity industry of procrastination: “Why do companies avoid or delay investing in projects that could help them, like segmentation? Why do we see so many folks saying ‘it costs too much’ when there's so many downsides to not doing the right thing?”

Margolis agreed that many organizations are still focused on outmoded security models that prioritize prevention and detection instead of breach containment. These lead to costly breaches and legal fallout.

“I think the reason that it can be deprioritized is that when we're running the business, there's an incentive structure there that puts a big premium on growth. So a lot of the investment and focus gets put on that,” explained Margolis

However, he does see change happening. In today’s threat landscape, boards are starting to take notice of cybersecurity issues. Security risk is becoming a top business risk to mitigate, and legal teams are increasingly involved in security planning.

“It’s becoming less true over time as cyber becomes more of a strategic imperative,” he said.

“There's less of the procrastination mindset and more of becoming more proactive, and there's a need for cyber expertise within the boardroom.”

Contact us today to learn about how Illumio Zero Trust Segmentation can help your organization build cyber resilience and reduce the risk of catastrophic cyberattacks.

Related topics

No items found.

Related articles

The Limits of Working Memory: Human Brains vs. AI Models
Cyber Resilience

The Limits of Working Memory: Human Brains vs. AI Models

Learn how the differences in working memory, processing, and scale between humans and AI can reduce security costs and improve efficiency.

Swish: What Steph Curry Can Teach Us About Enterprise Security
Cyber Resilience

Swish: What Steph Curry Can Teach Us About Enterprise Security

The best security professionals are those that can think like a hacker. Their perspective on defense is based on a fundamental understanding of how to scour a system for weaknesses that can be easily exploited.

The Evolution of Systems Design: From Write-Only Interfaces to Multi-Cloud Automation
Cyber Resilience

The Evolution of Systems Design: From Write-Only Interfaces to Multi-Cloud Automation

Get insight into the evolution of systems design and distributed systems — and the challenges and opportunities that lie ahead.

Why There's No Zero Trust Without Microsegmentation
Zero Trust Segmentation

Why There's No Zero Trust Without Microsegmentation

Get insights from the creator of Zero Trust, John Kindervag, on why microsegmentation is essential to your Zero Trust project.

5 Tips for Getting Board Buy-in for Your Cybersecurity Investments
Cyber Resilience

5 Tips for Getting Board Buy-in for Your Cybersecurity Investments

Learn why it's crucial to shift board conversations from cybersecurity problems to enablement, risk, remediation, and quantifiable benefits.

Get Reliable ROI with Illumio Zero Trust Segmentation
Zero Trust Segmentation

Get Reliable ROI with Illumio Zero Trust Segmentation

Today’s hybrid, hyper-connected networks have rendered prevention alone ineffective, Zero Trust containment delivers a better solutions call center ROI.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?