On Feb. 5, 2021, a hacker accessed computer systems at the Oldsmar, FL, water treatment facility and raised the level of sodium hydroxide (lye) in the water to more than 100 times the normal level. Fortunately, an alert employee noticed the change and reversed it before there was any adverse effect.

Every state in the U.S. has data breach notification laws. In Delaware, for example, if a breach requires a certain number of residents to be notified, the organization must also provide notice to the attorney general. Some states require organizations to provide credit monitoring services to those affected by a breach of financial data.

The trend toward remote and mobile work was already picking up steam prior to 2020. The pandemic accelerated this shift and, in many cases, organizations didn’t have time to secure their endpoints. Today, employees are using their own devices and accessing resources through the cloud more than ever, but endpoint security is still lagging behind.

Modern businesses depend on the Internet more than ever — analysts say global Internet usage has increased by an astonishing 1,355 percent since 2020. That increased online presence has been a boon for hackers and other malicious actors, with one recent study estimating that 85 percent of all malware is now delivered via web browsing.

Sharp increases in ransomware and other malicious cyberattacks are leading more companies to consider purchasing cyber insurance. However, the same market forces are making it more difficult to acquire such protection.

Security threats continue to escalate. From advanced hacks engineered by nation-state actors to more prosaic attacks using “as-a-service” malware, organizations face a constant barrage of threats to their IT infrastructure and data.