[author: Jack Morris **]

In today’s digital world, cyber incidents pose a significant risk to businesses of all sizes. From data breaches to ransomware attacks, organisations face a barrage of threats and unfortunately, the discussion has moved from “if” your organisation will be impacted by a cyber incident to “when” and “how many times.”

A cyber incident refers to any unauthorised access, disruption, or compromise of computer systems, networks, or data. These incidents can range from minor security breaches to large-scale attacks with severe consequences.

According to The Cyber Security Breaches Survey 2023, 32% of businesses and 24% of charities in the UK recorded a cyber breach or attack in the last 12 months. That statistic is alarmingly higher when looking at medium-sized businesses (59%) and large businesses (69%). Furthermore, according to Beaming, more than 1.5 million businesses fell victim to some form of cyber-attack in 2023, with small to medium businesses experiencing the steepest rise in incidents (up 42%) and the costs implications of these rising by 396% between 2019 and 2023.

The statistic for large businesses being impacted is no surprise, due to threat actors looking at larger businesses as having more of an attack surface. However, the fact that smaller and medium-sized businesses are also recording higher numbers of incidents than the national baseline suggests that regardless of the size of your business, or market you operate in, it’s never been more important to be proactive in safeguarding your business.  

At Epiq, managing cyber-related fall out is something we do daily. Here are five ways in which an organisation can be proactive in mitigating cyber risk, in turn reducing legal repercussions: 

1. Implement a cyber incident response plan – Having a plan in place to respond to an incident is crucial, as it allows organisations to prepare for the incidents before they occur. Clearly defining roles and responsibilities, communication protocols, identifying risks, implementing preventative measures, and conducting exercises will all lead to significantly reducing the impact of a cyber incident. Building information governance into these plans is a way to better prepare and will enable businesses to reduce their attack surface, meaning there is less data to be compromised when retention controls are in place. Having a more accurate picture of where data is housed improves identification, containment, and notification after a data compromise, helping to manage potential legal fall out.  

2. Form sound relationships with law firms and cyber-security experts – Organisations need to be aware of the legal and operational issues that arise from a cyber incident. Regulatory compliance and liability concerns, as well as loss of systems, data, and brand reputation, affect the whole of a business. Having expert advice on the legal and operational considerations associated with a cyber incident enables a business to respond effectively, and to proactively manage any legal repercussions.

3. Conduct forensic tabletop exercises – Forensic tabletop exercises simulate cyber incidents in a controlled environment. They involve key stakeholders, both internally and externally, discussing and practicing their roles during an incident. These exercises improve coordination, communication, and decision-making, ensuring a more effective response when a real incident occurs. Include legal, HR, and risk management in strategy and policy development and ensure these stakeholders are participants in regular tabletop exercises.  

4. Invest in cyber security solutions – Utilising technology to help mitigate cyber incident risk has never been easier. Managed Detection and Response (MDR) solutions are an example, and continuously monitor networks, detect threats, and provide real-time alerts. They enhance proactive response by identifying suspicious activities early, allowing organisations to take preventive action before incidents escalate. Taking additional steps like engaging with Information Governance consultants to optimise the use and increase the return on the investment associated to Microsoft 365 Security is another ‘quick win’ for organisations that have already made the investment in Microsoft 365. Information governance consultants, like Epiq, will work collaboratively with an organisation to understand more about where they are today, and how they can get the most out of their existing infrastructure. 

5. Take out cyber insurance – Cyber insurance is a line in an insurance policy that provides financial protection in the event of a cyber incident. It covers a wide range of risks, including data breaches, cyber-attacks, and events like network outages and unforeseen incidents. The main value of having cyber insurance is the same as other types of insurance – it provides financial protection to support you in responding to a cyber incident, as well as business interruption costs.

This list is not exhaustive, there are numerous recommendations that organisations, like Epiq, can make to mitigate cyber risk, and to manage the legal repercussions of a cyber incident. The key is for organisations to respond effectively, and quickly, to a cyber incident. Regulatory fines and potential follow-on litigation arise from non-compliance with data protection laws. Organisations failing to report breaches promptly face penalties. Legal battles can be costly and time consuming. 

Being proactive about cyber security is a focus Epiq will address at LIDW 2024. We look forward to connecting and continuing the conversation. 
 
** Jack Morris is an Epiq EMEA’s cyber expert, and account director, operating out of the United Kingdom. He advises organisations, law firms, and cyber insurers on best practices for proactively mitigating the risk of a cyber incident, and effectively responding once a cyber incident occurs.