Cybersecurity Liability Emerges as Key Driver for Business Investment in Protection Measures

Rethinking Security: From Compliance to Liability Defense

Cybersecurity providers are increasingly framing their services as legal liability protection rather than mere compliance tools, according to industry leaders speaking at the XChange NexGen 2025 conference. Bruce McCully, founder and CEO of Galactic Advisors, emphasized that businesses need to understand that lawsuits following breaches can be more devastating than the cyberattacks themselves.

“You’re changing the conversation,” McCully stated during his presentation. “You’re demonstrating the risk. And you’re helping them understand that lawsuits [can be] worse than ransomware. You’re helping them understand that without evidence, they’re vulnerable to lawsuits.”

The Rising Cost of Cybersecurity Incidents

Recent analysis supports the urgency behind this shifted approach. A September report from RSM analyzed more than 10,000 cyber claims for events occurring between 2020 and 2024. The report states that 98 percent of claims, totaling $2.4 billion, came from small and midsize enterprises with less than $2 billion in annual revenue.

According to the analysis, ransomware and business email compromise represented half of the claims exceeding $1,000 for smaller enterprises. The data revealed that smaller enterprises experienced 395 claims over $1 million and another 341 claims between $500,000 and $1 million. Business interruption losses sometimes exceeded $90 million for companies with annual revenue below $700 million, sources indicate.

The Legal Landscape Intensifies

McCully highlighted an emerging threat beyond the hackers themselves: “We have a problem—it isn’t just the hackers. It’s a new breed of personal injury attorney that follows the hacker. After a breach, you aren’t the victim, you become the defendant.”

This legal vulnerability is particularly concerning given that analysts suggest one in five ransomware events ends in a lawsuit. The financial impact is substantial, with payouts for all organization sizes covering approximately 30 percent of total incident costs. For smaller enterprises specifically, the five-year payout covered 69 percent of costs, down from 81 percent the previous year.

Documentation as Defense Strategy

Industry experts emphasize that proper documentation creates crucial evidence for auditors, insurers, and legal teams. Manny Villa, CEO of San Antonio-based solution provider VIA Technology, told CRN that establishing processes for documenting security posture and provider obligations is essential for risk management.

“My biggest fear as [a solution provider] owner is risk management,” Villa said, echoing concerns across the industry about computer security vulnerabilities.

Comprehensive Protection Services

Galactic Advisors pitches services that include creating written information security plans with evidence for multiple stakeholders, acceptable use policies tied to insurance requirements, and secure documentation portals accessible even during system outages. The company also provides customized incident response plans, security awareness training with completion evidence, and technical defense training for IT staff.

These services come amid broader industry developments highlighting infrastructure vulnerabilities and recent technology advancements in other sectors. The cybersecurity landscape continues to evolve with related innovations in artificial intelligence safeguards and market trends in financial technology security.

The Growing Financial Impact

The data reveals escalating costs beyond the immediate ransom demands. Average crisis services for smaller enterprises ranged from $121,000 in 2020 to $144,000 in 2024, with the five-year total cost growing 40 percent year over year. These figures demonstrate why comprehensive ransomware protection requires more than just technical solutions.

Recent incidents like the AWS DNS disruption and the Prosper data breach highlight how single points of failure can have catastrophic consequences, further supporting the need for documented security processes.

Transforming Business Conversations

McCully concluded that this approach not only provides better protection for clients but also creates business opportunities for solution providers. “You’re helping them understand the liability, and you’re giving them a solution,” he said, noting that adopting these products could result in greater monthly recurring revenue and reduced liability for providers.

The shift from compliance-focused to liability-focused security conversations represents a fundamental change in how businesses evaluate their cybersecurity investments, potentially transforming how organizations approach risk management in an increasingly litigious digital landscape.

This article aggregates information from publicly available sources. All trademarks and copyrights belong to their respective owners.