← Back to All

2016 Cyber Attack Stats and Defense Options

Sep. 19, 2016

The Baker Hostetler Law Firm, a recognized expert on regulatory and legal consequences of data breaches, has released its 2016 Data Security Report titled, Is Your Organization Compromise Ready? In the 300 incidents handled by the firm in 2015, phishing, hacking, and malware took the lead, accounting for about 31% of incidents investigated. However, after analyzing the underlying issues that allowed the attacks to succeed, the findings showed that human error was a significant factor over half of the time.

Highlighted defense against cyber threats

The report is a must read for law firms that have yet to prepare for the eventual Cyber Security Breach with today’s sophisticated, ever-evolving cyber threats. The report highlights that one of the readily available weapons in a law firm’s arsenal to defend against cyber threats is Cyber Liability Insurance.

Cyber liability insurance policies give policyholders access to the latest in risk assessment and risk management resources. Those resources will help a law firm identify and address network and system vulnerabilities. Law firms have an ethical and legal obligation to protect the confidential digital information of clients and; being proactive and not reactive, is the difference between effectively and efficiently shutting down the cyber criminal.

A readily available forensic team can protect your clients and prevent public notifications

The Baker report sites that a company's ability to get a forensic firm engaged quickly is key and found that the average amount of time from discovery until containment was 7 days. Below is a graphic of the incident response timeline. Cyber Liability Insurance allows a firm to work immediately with predetermined “privacy counsel” and forensic investigators.

The Baker report also found that with effective forensic investigation, not every incident results in notification or “public awareness”. Approximately 40% of the incidents Baker investigated in 2015 did not require notification. Two of the most common reasons notification was not required were (1) because the information at risk did not meet the definition of “personal information" and (2) a forensic investigation determined that there was no unauthorized access or acquisition of personal information. It was also pointed out that companies can most improve their cyber security exposure by:

  1. Detecting incidents sooner;
  2. Contain them faster after detection; and
  3. Keeping good logs to better identify what occurred and stop the attack before the attacker can get a foothold in the network.

Baker says: “Knowing with greater certainty what was at risk and having the ability to show that certain data elements were not affected often play key parts in a company’s dialogue with regulators and customers, and provide defenses in enforcement actions and lawsuits”.

Ready to get a premium estimate for your own Cyber Insurance?

Premium Estimate

Questions about Cyber Insurance?

Request a Broker

Source: Baker Hostetler: Is Your Organization Compromise Ready? - 2016 Data Security Incident Response Report


Cindy Wiedman, LiabilityPro Insurance Advisors, President

Cindy Wiedman, founded Wiedman Insurance Services, LLC (LiabilityPro Insurance Advisors*) August 1, 2014. Cindy is a Registered Professional Liability Underwriter (RPLU) and has designed and administered professional liability insurance programs over a 35-year career working for various insurance administrators in the Midwest such as Shand Morahan & Company, Kirke Van Orsdel, Marsh and Lockton Affinity.

*Currently working with investment advisory businesses domiciled in Iowa, Minnesota, Kansas, Illinois and Nebraska.

Subscribe to Our Monthly Newsletter and Receive the Below eBook for Free!
Thank you for Subscribing to the LiabilityPro Insurance Insider!

You’ll now receive instant monthly access to amazing free tips and resources like:

• Free and paid CLE opportunities
• Cutting premium costs
• Effectively managing your insurance
• Relevant industry articles
• And more!

Here's your free download to:  Cyber Security Threats and the Practice of Law: Understand Threats, Prevent Losses, and Learn Requirements
An error occurred while submitting the form. Please contact for direct assistance.
Also read, “6 Keys to Understand and Take Charge of Your Professional Liability Insurance.”  View Resource
Reliably Simple.
© 2022 LiabilityPro. All rights reserved.
None of the information provided in the website is a guarantee that insurance will be provided or that the agency is obligated to procure insurance for the website visitor. Misstatements or omissions of relevant information by the applicant can lead to price variation or even declination or rescission of coverage. Brokers can make your life easier in buying an insurance policy that best suits your needs, but working with a broker is not a substitute for your independent review of the policy being considered. In the end, the decision to buy or not buy one policy over another is the buyers decision.
Website by  One Branding  .