Ask the Experts: Protect your business with a robust cyber plan

Cyberattacks now threaten organizations of every size and industry. Preventive security measures remain the strongest defense, but even the most sophisticated safeguards cannot guarantee immunity. Our panelists look at what your organization should do if it’s been the victim of a cybersecurity breach.

Panelists: Cameron Shilling, chairman of the Cybersecurity and Privacy Group, McLane Middleton, mclane.com

Jeff Kuhn, Vice President and Senior Solutions Architect, New England IT Partners, newitpartners.com

Cameron Shilling, chairman of the Cybersecurity and Privacy Group, McLane Middleton

How should businesses respond to a data breach to minimize liability?

Since breaches are increasingly inevitable, businesses must be prepared not only to prevent incidents but also to limit damage and liability when one occurs.

Some companies already have mature cybersecurity programs or have weathered breaches before; others are far less prepared. Regardless of where a business stands, the following post-incident practices can significantly reduce exposure.

Act immediately

Speed is essential. Once a breach is discovered, a business must quickly determine how the incident occurred, what information was compromised, and who may be affected. Although cybersecurity professionals understand that full investigation and remediation can take weeks, impacted individuals rarely appreciate such delays. In fact, the most common allegation in breach-related class actions is that the company failed to notify people promptly.

To avoid this, businesses should communicate early — even if all details are not yet known. An initial informal notice can reassure individuals and reduce frustration, while buying time for a complete formal notification later. As a general guideline, companies should notify affected individuals within three to six weeks of discovering the breach. Even when not legally required, timely communication substantially reduces liability tied to delayed notification.

Be sympathetic

People whose data has been compromised are understandably anxious and upset. They want clarity, acknowledgment and reassurance. Too often, customer service interactions during a breach feel scripted, evasive or unhelpful, which only deepens distrust.

Businesses handling their own call centers — or fielding calls due to close customer relationships — should prioritize empathy and transparency. Acknowledge concerns, provide meaningful information and treat the interaction as an opportunity to strengthen trust rather than damage it further.

Offer protective services

The most effective way to reduce liability after a breach is to offer comprehensive credit and identity monitoring and restoration services to all affected individuals.

These services track credit activity, monitor the internet and dark web for misuse, and provide hands-on support if fraud occurs.

Some insurers offer limited monitoring without restoration services, or restrict coverage to certain types of compromised data. Impacted individuals rarely understand or value such distinctions. Businesses should therefore consider offering full monitoring and restoration whenever sensitive information is involved. The cost is modest compared to the expense of litigation — especially lawsuits alleging that the company failed to provide adequate protection. Even if insurance does not cover these services, offering them remains a strong defense.

Consider ransom

Many organizations refuse ransom demands because they can restore systems independently. In response, attackers increasingly steal data before encrypting systems, then demand payment to prevent its sale on the dark web. Some even contact affected individuals directly, pressuring them to pay.

Businesses facing ransomware must evaluate whether paying ransom is necessary to prevent disclosure. Any such decision must involve law enforcement to assess the credibility of the attackers’ promises and ensure compliance with federal restrictions on prohibited transactions.

Fix problems

Significant breaches often draw regulatory scrutiny, especially when they involve sensitive data such as health or financial information, or data about vulnerable populations. While companies cannot change their pre-incident compliance posture, they can take corrective steps afterward. These efforts should be conducted under attorney-client privilege to ensure that any disclosures about remedial measures are strategic and protected.

Breaches are disruptive and costly, but they do not have to be catastrophic. With swift action, transparent communication, meaningful support for affected individuals and careful remediation, businesses can reduce liability and preserve trust — even in the aftermath of a serious incident.

Jeff Kuhn, Vice President and Senior Solutions Architect, New England IT Partners

Why should small and medium-sized businesses (SMBs) in New Hampshire care about cybersecurity?

SMBs are now the primary target for cybercriminals. Attackers know that smaller organizations often lack dedicated IT security staff, yet still handle valuable data, including but not limited to customer records, payment information, employee payroll and intellectual property. In New Hampshire, where many businesses are professional services firms, manufacturers, health care providers and local retailers, a single cyber incident can shut down operations, damage trust and create regulatory headaches.

Cybersecurity is no longer just an IT issue; it’s a business survival issue.

What are the most common cyber threats facing local businesses today?

The top threats are phishing emails, ransomware and credential theft. Phishing emails, which are often disguised as invoices, shipping notices or messages from vendors, remain the easiest way for attackers to gain access. Ransomware can lock up your systems and demand payment to restore them. We also see a rise in business email compromise, where attackers impersonate executives or vendors to redirect payments. These attacks are increasingly automated and don’t discriminate by company size or industry.

Are New Hampshire businesses uniquely at risk in any way?

New Hampshire businesses often rely on tight-knit vendor relationships and trust-based communication, which attackers exploit. Many companies also operate in hybrid or remote work environments, increasing exposure if home networks or personal devices are unsecured. Additionally, businesses that work with regulated data — such as health care, financial services or defense-related manufacturing — face higher compliance and reporting obligations if a breach occurs.

What basic cybersecurity steps should every SMB take immediately?

Start with the fundamentals. Implement multifactor authentication (MFA) for all critical systems, including email, remote access, cloud services, external web portals and online banking. Keep all systems patched and updated. Use strong, unique passwords managed through a password manager. Back up critical data regularly and test your ability to restore it. Finally, train employees to recognize phishing attempts; human error is still the leading cause of breaches. It’s important to have a local IT partner that can identify and mitigate risks using these steps and more!

Is cybersecurity expensive for small businesses?

It doesn’t have to be. While enterprise-level solutions can be costly, many effective protections are affordable or even built into tools businesses already use. The real cost comes from not investing in cybersecurity. Downtime, ransom payments, legal fees, lost customers and reputational damage can far exceed the cost of prevention.

Cybersecurity should be viewed as risk management, similar to insurance or workplace safety.

How important is employee training?

Extremely important. Technology alone won’t stop cyberattacks. Employees are the first line of defense, especially against phishing and social engineering. Regular, practical training — short sessions that explain real-world threats — can dramatically reduce risk.

Employees should feel comfortable reporting suspicious emails or activity without fear of blame.

What should a business do if it experiences a cyber incident?

Act quickly and calmly. Disconnect affected systems, preserve evidence and contact a qualified cybersecurity professional. Depending on the situation, you may need to notify customers, regulators or law enforcement. Having an incident response plan in place before something happens can make the difference between a minor disruption and a major crisis.

What’s the key takeaway for New Hampshire business owners?

Cybersecurity is not optional, but it is manageable. You don’t need to be perfect; you need to be prepared. With the right mix of technology, training and planning, New Hampshire businesses can significantly reduce their risk and protect the businesses they’ve worked so hard to build.
