Should You Protect Your Business From A Cyberattack?

In April the U.S. Department of Justice declared 2020 as the worst year ever for extortion-related cyberattacks. 2021 isn’t fairing much better, with the DOJ reporting a 102 percent increase in Randsomware attacks. These statistics, coupled with recent headlines concerning attacks on the Colonial Pipeline and the U.S. meatpacking industry, may cause business owners to wonder if they should protect their business from a cyberattack.

Executive Order on Cybersecurity

In an effort to thwart cyberattacks on federal institutions, President Biden recently signed an Executive Order (EO) to improve the nation’s cybersecurity and protect federal government networks.

The EO establishes the following:

• Ensures IT Service Providers are able to share information with the government and requires them to share certain breach information.
• Helps move the federal government to secure cloud services and zero-trust architecture, and mandates deployment of multifactor authentication and encryption within a specific time period.
• Improves the security of software by establishing baseline security standards for development of software sold to the government, including requiring developers to maintain greater visibility into their software and making security data publicly available.
• Requires a Cybersecurity Safety Review Board, comprised of government and private sector representatives.
• Create a standard playbook for responding to cyber incidents.
• Improves the ability to detect malicious cyber activity on federal networks by enabling a government-wide endpoint detection and response system and improved sharing.
• Creates cybersecurity event log requirements for federal departments and agencies.

What the EO means for private entities

The EO mandates action for federal government agencies, but it may also impact private organization. Federal government contractors, in particular, should watch for changes to cybersecurity requirements. The EO also affects software developers and manufacturers of IoT (Internet of Things) devices.

President Biden encourages private sector companies to follow the federal government’s lead and take measures to augment and align cybersecurity investments with the goal of minimizing future incidents.

What is cyber liability insurance?

Cyber insurance covers a business’ liability for a data breach including sensitive customer information (driver’s license, social security, credit card numbers, etc.). Typically this type of incident isn’t covered by general liability. Cyber insurance typically helps business owners with legal fees, restoring personal identities of affected customers, recovering compromised data, repairing damaged systems, and notifying customers about the breach. Many insurance carriers offer cyber liability coverage.

Help is available

Business owners with questions regarding cybersecurity should call the attorneys at O’Reilly Rancilio at 586-726-1000 or visit our website at www.orlaw.com.