After Cloudstar attack, lenders revisit business disruption plans


The recent ransomware attack on Cloudstar, a platform that supports over 42,000 title and settlement professionals in the U.S., drives home the point that mortgage industry companies must constantly update their business interruption plans.

“This incident highlights the risk within not only the title industry, but all industries, of a potential cyber event and the impact of a single point of failure within the system,” said Gerry Glombicki of Fitch Ratings in a report on the incident.

That point of failure exists in weaknesses in hardware, software and mechanical infrastructure along with other key entities in the supply chain, including cloud providers.

“In particular, a long-lasting cloud outage at a major cloud provider, or an attack on a common software used by an industry segment or across industries, will have a disproportionate impact than an attack on a single entity,” Glombicki said. “Therefore, it is critical for companies to not only monitor their direct attack surface but also that of their supply chain and significant vendors to ensure operational resiliency in the event of a cyber attack.”

A watershed moment for the title industry came in 2013, when the American Land Title Association unveiled its voluntary best practices, known as the Seven Pillars. Pillar number three covers the creation of a data security plan.

But a lack of specifics led to a lack of uniformity across the industry, recalled Aaron Davis, CEO of the Florida Agency Network, which is a title and settlement services provider.

"So some people went super far right with it, and said 'Alright, we're going to do everything in our power, we're going to have assessments done, daily penetration testing done,' all these additional firewalls and security," he said.

At first, his company had a lot of site audits from the larger entities that employed its services, but those initiatives seem to have been relaxed in recent years, he continued.

Things started to change again last March as workplaces were forced to close their doors because of COVID-19. Shifting to the work-from-home environment, including moving data into the cloud, was one of the positive outcomes of the pandemic, Davis said, adding "everyone did adapt and move to more secure operations that way."

Data security has always been a top-of-mind issue, but ransomware might not have been the focus.

"For the last five years, it's all been around wire security, the loss of funds, people being tricked into sending money elsewhere, that's been so laser focused," Davis said. "They should always be focused on what's the next threat and I think the next threat is a data breach," such as the incident that occurred at Equifax in 2017. This kind of data "can be very valuable in the wrong hands," he said.

Whether it was COVID-19 or a natural disaster like hurricanes or last winter’s Texas cold snap, "those who have been focused on this all along were probably more prepared than others," he said.

That preparation helped Florida Agency Network approximately three years ago when one of its smaller offices was damaged in a fire. Even back then, his company relied on cloud data storage for its approximately 30 offices.

The damaged office was operational in another location just miles away, Davis said. "Clients didn't even know that we had this emergency. Because we were cloud-based, we just popped up laptops, and it was business as usual. Our clients did not experience any downtime."

When asked if the Cloudstar attack made him reevaluate Florida Agency Network's plan, Davis said "I think any type of anything that happens, it certainly makes you review once again, so we are looking. You've already felt pretty confident in your infrastructure, but now you're looking once again, reviewing your third party vendors and whoever has additional access to the data."

That includes repairmen and other authorized users who can tie into the company's information technology structure; malware can be introduced from outside infected laptops or USB drives.

"We've certainly dedicated a lot of time and effort to ensure that we don't have business operations as a result of any event, whether it's a security incident, natural disaster or ransomware," added Doug Horton, chief information officer at Lenderworks. "But every time this comes up I always think, 'Okay, let's go back and review. How are we doing? Is there anything new we should be considering?'"

No matter what defenses are put up, "the nefarious actors" will try different ways to get at a company's data and systems, he said.

"It involves, not just technology, not just hardware systems and services and diligent dedicated information security professionals, it's your staff up and down the line," Horton said. "You're educating them, testing their readiness, and ensuring that they understand not to take everything at face value."

Companies must use a multilayered approach to protecting against any of these types of incidents. "There's no one silver bullet to protect you," Horton warned.

When he started at Lenderworks four years ago, a robust plan already was in place. "As we've marched forward and adopted new technologies, those plans and those policies and procedures have to constantly be updated and make sure that we're accounting for the new widget that we installed last year," he continued.

Both Lenderworks and Florida Agency Network have undergone SOC 1 audits for their security.

"That was a very good exercise to ensure that we were covering all of our best practices in terms of disaster recovery, business continuity and security considerations," Horton said.

There needs to be a top-down commitment from ownership and management when it comes to information technology security practices.

"It's not an IT technician's job; it's really the entire company's job to ensure we are prepared," Horton said. "We have technology that scans our network for vulnerabilities, we have behavioral analysis technology that watches for things that don't look right, like if so and so just deleted 200 files."

On the other hand, some potential clients might not be as ready, and so "that's where we come in and say, let us help you because we have a very comprehensive program [and] really take advantage of our experience," he said.

But even after measures like the ISO 27001 certification process and SOC audits, vulnerabilities still exist, such as the consumer who might not be taking care of their own personal online security.

