BakerHostetler Launches 2024 Data Security Incident Response Report, ‘Persistent Threats, New Challenges’
April 23 2024 - 11:35AM
Business Wire
Law firm publishes 10th annual report featuring statistics and insights from more than 1,150 data security incidents it helped manage in 2023
Following its fourth-time shortlisting by Chambers &
Partners USA as a Privacy & Data Security Law Firm of the Year,
BakerHostetler released its 2024 Data Security Incident Response
Report. The 10th annual overview provides insights and metrics from
the security incidents the firm managed in the prior year (more
than 1,150 incidents in 2023). BakerHostetler is the only law firm
to issue a report like this. The report also features insights and
trends on AI, privacy, litigation, regulatory investigations, web
tracking and more, along with additional analysis from various
teams in the firm’s Digital Assets and Data Management Practice
Group. Businesses around the world use this report to help develop
their cybersecurity measures, incident response plans and
information governance practices.
Key takeaways:
- Ransomware attacks continue (we saw over 300 ransomware
events last year). But entities are more resilient — they are
paying a ransom less often and restoring from the attack
faster.
- Regulatory enforcement and class action lawsuits related to
pixels and other website tracking technologies surged in
2023, particularly in the health care industry (up 300% since
2022).
- Breach disclosures led to litigation more often, even in
small incidents. The likelihood of being sued after disclosing
a breach continues to grow. More than 58 incidents disclosed in
2023 resulted in one or more lawsuits filed (compared with 42 in
2022).
- The multiyear trend of significant supply chain
attacks continues (SolarWinds, Blackbaud, MOVEit and now Change
Healthcare). Strengthening vendor management programs is a tall
task and an important one.
Why this report matters
It is a one-of-a-kind mix of aggregated data from security
incidents and insights from the full suite of advisory services the
firm provides across the entire data and technology life cycle.
Key quote
“We are proud that our DSIR Report is a sought-after resource
that helps companies across the globe make risk-informed decisions
about leveraging data and technology,” said Theodore J. Kobus III,
chair of BakerHostetler’s DADM Practice Group. “Each year, we
identify core IR data points, how the threat landscape has changed,
and timely topics like web tracking litigation, artificial
intelligence and the state of regulatory investigations. It is a
significant effort to produce this report each year, and doing so
for 10 years demonstrates our commitment to being the leader in
helping companies navigate this dynamic area.”
Progress against ransomware attacks
Ransomware continues to be a significant problem — ransomware
was used in 72% of network intrusions in 2023. Still, progress in
avoiding and recovering more quickly from ransomware is evident in
the 2024 report statistics. Extensive endpoint detection and
response tool usage, patching, and resilient backup strategies help
prevent attacks, mitigate the impact of those that do occur and
enable restoration without the need to pay for a decryptor. In
2023, companies paid ransom in 27% of ransomware incidents
(compared with 40% in 2022) and restoration occurred 25%
faster.
Response metrics improve (again)
Incident response capabilities at companies (and the companies
that support them) continue to mature. Network defenders detected
and contained incidents faster. And the average cost for a forensic
investigation declined to $78,138 (it was $90,335 in 2022). The
primary drivers of these improvements are preexisting EDR tool
deployment, more security information and event management
utilization, and increased use of forensic triage packages. The
average time for detection of a network intrusion incident in 2023
with an EDR tool deployed was 12 days compared with 19.7 days
without an EDR tool.
Web tracking technologies continue to be a target of regulatory action and lawsuits
Regulatory enforcement and class action lawsuits related to
pixels and other web tracking technologies surged in 2023,
particularly for health care organizations. More than 200 lawsuits
have been filed against health care entities for their use of
third-party web technologies, 75% of which were filed in 2023
(“only” 50 were filed in 2022). BakerHostetler is representing
health care entities in over half of the pending health care pixel
actions. Retailers and restaurants are also seeing tracking
technology arbitration demands and lawsuits.
Threat actors are getting more creative, and AI is helping them
Business email compromises were the second-most-common type of
incident. Threat actors continue to find ways to trick users into
clicking on phishing links and then get past multi-factor
authentication. AI tools are being used to enhance the efficacy of
phishing emails.
MFA alone is not enough to secure access to email accounts (not
only because it can be bypassed). Securing an email tenant involves
complicated configuration efforts.
Several threat actors used sophisticated social engineering
techniques, including SIM swapping, quishing (using QR codes in
phishing emails) and smishing (using a text message to trick the
recipient into downloading malware or disclosing sensitive
information).
Key quote
“Our goal in producing the DSIR Report is to provide a resource
that shows companies what actually occurs when a security incident
happens to enable them to make data-informed decisions,” said Craig
Hoffman, co-leader of BakerHostetler’s national Digital Risk
Advisory and Cybersecurity team. “Companies do not have unlimited
resources, so having a source of compromise-intelligence allows
them to prioritize measures for the issues that are likely and
impactful.”
BakerHostetler’s DADM Practice Group — made up of more than 100
attorneys and technologists — unites key service offerings and
technologies intersecting with the life cycle of data. A globally
recognized leader, the group boasts a roster that includes
attorneys who have practiced in this space for more than two
decades, former federal prosecutors, veteran in-house counsel and
past government agency leaders. With eight top-tier rankings by
Chambers USA and Legal 500, the DADM Practice Group is considered a
powerhouse for cybersecurity, privacy, advertising, data governance
and emerging technology matters. For more information, visit
bakerlaw.com/DigitalAssetsDataManagement. Connect with us on the
social platform X at @BakerHostetler or on LinkedIn at
@BakerHostetler, @TedKobus and @CraigHoffman.
About BakerHostetler
BakerHostetler helps clients around the world address their most
complex and critical business and regulatory issues. Our highly
ranked attorneys deliver sophisticated counsel and outstanding
client service. We have six core practice groups — Business,
Digital Assets and Data Management, Intellectual Property, Labor
and Employment, Litigation, and Tax — and more than 1,000 lawyers.
For more information, visit bakerlaw.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240423407708/en/
Courtney B. Smith 202-861-1514 cbsmith@bakerlaw.com