Which industry has made the greatest gains over the last several years in awareness of and protecting against cyber risks, and which industry has been struggling?
“The financial services industry has been at the forefront of cybersecurity awareness due in large part to the involvement of regulators, such as the New York Department of Financial Services. The professional services industry—in particular the legal profession—has a lot of catching up to do in this area.”
Jonathan Ziss, Partner, Goldberg Segalla. CLM Member since 2011.
“The industry that has made the greatest gains is the retail industry. Many retailers are using best-in-class cybersecurity tools to improve vulnerabilities. An industry that is lacking in this area is the health care industry, especially given that health care is one of the biggest targets for ransomware and other cyberattacks.”
Georgea L. Mancuso, Special Counsel, Black Marjieh & Sanford LLP. CLM Member since 2014.
“Clearly retail is a frontrunner in adapting to cyber risk. The industry’s focus on secure payment processing (once bitten, twice shy!) has proven effective. By comparison, health care is seriously lagging. This is borne out by the continued frequency and severity of breaches involving these institutions.”
Christopher J. Seusing, Partner, Wood, Smith, Henning & Berman LLP. CLM Member since 2012.
“Online retailers have been the most active in addressing cybersecurity and developing failover systems. The manufacturing sector has been the slowest to react. Only after recent ransomware attacks has it began focusing on cyber risk reviews and response plans. Hackers target this sector for the disruptive aspect and to generate revenue via ransoms.”
Bernard Regan, Director, Baker Tilly Virchow Krause LLP. CLM Fellow since 2018.
“Higher education. Its intrinsically open environments do not lend themselves to a security mindset, but the submission quality improvement within this class is notable. Governments/municipalities have lagged. Their diverse operations and on-average lower wages than commercial enterprises make the implementation of adequate controls and recruitment of talented security professionals difficult.”
Josh Ladeau, Global Head of Tech, E&O, and Cyber, Aspen Group. CLM Fellow since 2019.