Search for other episodes
Episode 063: Mitigating Increasing Cyber Risks and Real Ransom Demands in AEC
Today’s episode of the AEC Leadership Today podcast features a first: two guests – Dale Crow and Rob Rosenzweig, both Senior Vice Presidents at Risk Strategies. Dale’s a professional liability attorney and risk management consultant and Rob’s the firm’s National Cyber Risk Practice Leader. We dive deep into the evolving world of cyber risk and cybercrime and what we should be doing now to better protect ourselves, our firms, and our clients.
Mitigating Increasing Cyber Risks and Real Ransom Demands in AEC
It’s no longer about getting personal identifiable information, and it’s no longer about being a nuisance. Cybercrime today is about access to data, extortion, and ransoms being paid. It’s real, and it’s scary. Any firm, large or small, can be—and is being—targeted, and the magnitude of impact is only increasing. As leaders, we need to know about it, and we need to know how to act.
In this episode, Dale, Rob, and I get into the history of cybercrime, how things are different today, why our firms are being targeted, where most penetrations come from, what can be done to stop them, all the things that need to happen if and when we’ve been compromised, as well as what we can do to better protect ourselves and mitigate risk.
“…Some of what our clients have done over the last few years in terms of the right risk management practices…hasn’t worked as well when your workforce is distributed, as it is when your workforce is on site.”
— Rob Rosenzweig
In this episode, we discuss:
- How the digital threat and cyber security landscape has been evolving, and how it’s further changed since COVID-19.
- How distributed workforces have raised cyber security risks.
- The different forces behind cybercrime today – both state-sponsored warfare and organized crime, and why both large and small businesses and organizations are being targeted right now, including those in AEC.
- How protecting your data can improve your market positioning.
- The most common types of cybercrime, including ransomware and invoice manipulation.
- How most penetrations into our systems occur and how training your people properly and being very careful with email can be our strongest defenses.
- The mechanisms of a cyber breach, how you know it has happened, and what to do after your data has been locked or stolen.
- The complexities of the extortion response – what has to happen after a ransom demand in terms of investigation, negotiation, payment, and the return of your data, as well as the additional legal complications in cases where the perpetrator is a state-sponsored group.
- How cyber protection insurance is changing, how policies differ, and why the most advantageous polices are as much service-driven.
- The need for a breach response plan and strategies and best practices to help protect your firm and your data now.
- How current cybercrime may begin to shift the professional standard of care for both engineers and architects.
“My experience is…your best and first line of defense is your people.”
It was a great opportunity to have two distinguished experts like Dale and Rob discuss cyber risk and security at length on the podcast this week. I hope their experiences, knowledge, and insights shared will to help protect you and your firm moving forward.
About Dale Crow & Robert Rosenzweig
Dale Crow, JD, is a Senior Vice President at Risk Strategies, a national insurance brokerage and risk management firm. Dale specializes in professional liability and other property & casualty insurance solutions for architectural and engineering firms and a wide variety of consultants. Prior to joining Risk Strategies, Dale practiced law with Lewis Thomason in Nashville. He has substantial litigation experience in professional liability, which he uses to assist his clients in risk management consultation, contract review, and the placement of a comprehensive insurance program. Dale also regularly presents risk management seminars for local, state and national professional associations, as well as for individual clients.
Robert H. Rosenzweig, RPLU, is a Senior Vice President and the National Cyber Risk Practice Leader at Risk Strategies. In this role, Rob oversees all of the firm’s cyber professionals and works directly with the firm’s clients and prospects on creating comprehensive and customized coverage for their data security, privacy, and errors & omissions exposures. Rob is also responsible for coordinating the firm’s overall cyber strategy nationally. A published writer and frequent interview subject on cyber liability topics, he also has participated on panels and led seminars on a variety of related topics. Rob currently holds the Cyber COPE Insurance Certification from Chubb & Carnegie Mellon University and a designation as a Registered Professional Liability Underwriter. Rob received his Bachelor of Arts Degree in Government & Economics from Hamilton College.
Thanks for listening to the AEC Leadership Today Podcast!
I sincerely hope you enjoyed today’s episode. Be sure to contact Dale and Rob for more information about cybersecurity, what you can do to strengthen your defenses, and the best ways to be prepared for cyber threats going forward. If you like what you heard, please leave a review on iTunes and share the podcast with your friends and colleagues. Look forward to seeing you in the next episode!
Resources Mentioned in This Episode
Are you interested in being a guest?
How to help out
Please leave a review on iTunes, Spotify and Stitcher. They really help, so thank you.
About the Host
Peter C. Atherton, P.E. is an AEC industry insider having spent more than 20 years as a successful professional civil engineer, principal, major owner, and member of the board of directors for high-achieving firms. Pete is now the President and Founder of ActionsProve, LLC, author of Reversing Burnout. How to Immediately Engage Top Talent and Grow! A Blueprint for Professionals and Business Owners, and the creator of the I.M.P.A.C.T. process. Pete works with AEC firms and leaders to grow and advance their success through modern and new era focused strategic planning and implementation, executive coaching, leadership and management development, performance-based employee engagement, and corporate impact design.