The following insights are drawn from a Larry Kraus Tax & Tech-NEW-logy discussion moderated by Tony Gebely, founder and CEO of Annapurna Cybersecurity, with panelists Annmarie Giblin, Partner at Norton Rose Fulbright, and David Sun, Principal at CohnReznick. You can access the recording and podcast here.
Key Insights:
- Evolving Ransomware Tactics:
  - Ransomware attacks have evolved beyond encrypting data. Attackers now exfiltrate sensitive information first and threaten to leak it if the ransom is not paid (so-called double extortion), which makes data exfiltration a risk in its own right: good backups let a family office restore operations, but they do nothing to stop stolen data from being published.
- Awareness Gap:
  - Many family offices underestimate their exposure, assuming they are too small to be targeted. Attackers select victims by the value of what they hold and how easy they are to compromise, not by headcount, and this misconception leaves offices unprepared when an attack comes.
- IT vs. Security:
  - There is a crucial difference between IT operations and cybersecurity. IT keeps systems running and users productive; security is about anticipating and withstanding deliberate misuse of those systems. Many family offices assume their IT staff are equipped to handle security threats, but securing systems requires specialized skills.
- Legal and Regulatory Complexity:
  - Family offices remain responsible for the security of their data even when they outsource IT services; outsourcing transfers the work, not the responsibility. In the event of a breach, they must navigate complex legal and regulatory requirements, which can involve notifying various authorities and defending against potential lawsuits.
- Proactive Measures:
  - Implementing multi-factor authentication, maintaining secure backups, and conducting regular security awareness training are essential steps in mitigating risk. Backups only count if they are kept offline or otherwise out of reach of an attacker who controls the network, and if restores are tested before they are needed. Family offices should also consider proactive assessments, such as penetration testing, to identify vulnerabilities before attackers exploit them.
- Cyber Insurance:
  - Cyber insurance is crucial for family offices and high-net-worth individuals to mitigate the financial impact of cyber incidents like ransomware. It is important to understand the coverage details, including first-party recovery costs, third-party claims, and specialized ransomware coverage: gaps in coverage, or inaccurate statements on the application about which controls are actually in place, can lead to claim denials. Involving legal counsel early is essential to navigate the regulatory requirements.
- Importance of Incident Response:
  - Having an incident response plan in place is vital, with printed copies accessible in case of an attack, since the systems that hold the plan may be among those encrypted or taken offline. Quick and coordinated action is necessary when ransomware strikes, and legal counsel should be consulted at the outset.
- Emerging Threats:
  - Besides ransomware, business email compromise (BEC) is a significant threat: attackers impersonate or take over a trusted email account to redirect payments or extract sensitive information, often resulting in financial loss or the exposure of confidential data. Regular security assessments and awareness training help mitigate this risk, as does verifying any change in payment instructions through a channel other than email.