Cybersecurity law comes to Nevada’s forefront to combat crime
April 6, 2018
RENO, Nev. — Monetary damages resulting from cyber crimes could cost $6 trillion annually by the year 2021, according to the website, CSO Online.
To combat the increasing problem of cyber crimes, state and federal entities have taken steps to legislate cybersecurity.
Last June, Nevada Gov. Brian Sandoval signed Assembly Bill 471, introducing the Office of Cyber Defense Coordination within the state's Department of Public Safety. The goal is to coordinate and respond to various cybersecurity threats that circulate through the internet.
Cybersecurity law is a major focus in Nevada, as well as nationally. Edgil, a cyber risk and regulatory compliance partner to the Fortune 500, reported that 42 U.S. states introduced roughly 240 bills and resolutions on cybersecurity in 2017 alone.
While cybersecurity breaches at Target and Equifax, among others, have grabbed the headlines, Greg Brower — an attorney who specializes in cybersecurity in the Nevada and Washington law offices of Brownstein Hyatt Farber Schreck — says any company or organization large and small is susceptible to a cyber an attack.
"When I worked at the (FBI), we used to have a saying — there are two kinds of businesses, those who have already been affected by a cyber attack and those who will be affected a cyber attack," Brower said.
Recommended Stories For You
Different types of cyber crime
Considering that, law firms such as Brownstein Hyatt Farber Schreck and Holland & Hart LLP, which as offices in Reno, have added cyber security practices in recent years.
Romaine Marshall is an attorney that specializes in cybersecurity in Holland & Hart's Salt Lake City office.
"I got into cybersecurity about three years (ago) when a client of mine was affected by cyber crime," Marshall said. "Now, I've worked on about 50 incidents of cybersecurity cases."
Marshall said the most common industries hit hardest by cybersecurity breaches are retailers, software companies, lenders and health care organizations.
Among the main threats are ransomware. In a ransomware attack, hackers steal various companies' customer data and hold it hostage in return for money. Marshall said he also sees fraudulent cyber activity during tax return season.
Another cyber-based scam that has gained steam is wire fraud in the title and escrow industry. For example, the number of wire scams reported by title companies to the Internet Crime Complaint Center increased 480 percent in 2016, according to The American Land Title Association.
Plenty of temptation for criminals
Eric Maiss, president of Title Service and Escrow with offices in Reno, Fernley and Yerington, said wire fraud is appealing to criminals because a single fraudulent transaction can, on average, yield $130,000, and in some cases more than $1 million.
Also the likelihood the money is recouped is minimal.
"Oftentimes, this money goes to an offshore bank account and by then is almost impossible to recover," Maiss said.
There are possible course of action that fraud victims can take. For instance, the Financial Fraud Kill Chain (FFKC) is available for person(s) affected by wire fraud. FFKC handles cases of at least $50,000 in losses and transferred to an international account. Victims have up to 72 hours to report a claim.
Marshall and Brower both take proactive approaches with clients while providing counsel when breaches do occur.
"We can go through tabletop exercises with everyone in a company to work out a plan in case of cybersecurity incident," Marshall said.
Brower said at Brownstein Hyatt Farber Schreck some of their clients are in the gaming and financial industries, and can work with state and federal regulators as well as the FBI if a breach occurs.
He explained companies should take initiatives of cybersecurity, particularly since an attack is considered inevitable.
"A big part of cybersecurity is there must be complete by-in form companies from the top on down," Brower said. "It's incumbent of companies large and small depending on their resources, to access systems and fix vulnerabilities."