Is Proactive Cybersecurity Worth the Cost for Small and Midsized Businesses?

Author
Brian Gillam

Chief Operating Officer, Ancillary Business Units, Cozen O'Connor

Given the uncertainty of proactive measures, businesses may be tempted to incur reactive costs if a data breach occurs. Brian Gillam, COO of Cozen O’Connor’s ancillary business units and advisory board member to COSECURE, the firm’s security consulting business, writes for Today’s General Counsel on why that’s a bad call.

When it comes to cybersecurity, the most important choice business leaders face is determining which risks to address proactively, with assessments, workforce training, policy preparation, and insurance, versus which risks to address reactively, in the form of breach remediation.

Recently, our security business got a call from a mid-sized company that lost $150,000 to a classic business email compromise. The hacker sent a phishing message to an AP clerk, who then gave up his login credentials. The hacker accessed the clerk’s emails and his OneDrive account. Combing through the data, the hacker identified a legitimate vendor receiving monthly payments of $50,000, and then posed as the vendor requesting payment. The company didn’t realize what was happening until three months later.

Could the attack have been avoided? Easily. But the company reasoned that cyber prevention was just too expensive and that they were small enough to escape the attention of hackers.

Read more on Today’s General Counsel.
