The Good, The Bad and The Rising Security Breach
It’s no secret that the Internet has become the new Wild West. With cybercrime and identity theft becoming more lucrative and qualified infosec employees becoming harder to come by, enterprises are scrambling to update their critical infrastructure to protect their most valuable assets: Customer information.
According to new data from a recent Ponemon study, the cost of a data breach has jumped a full 23 percent from the previous year to $3.8 million and the cost-per-record of customer profiles has risen 6 percent to $154 each. While that may seem like a significant chunk of change considering that most large enterprises have customers numbering in the millions, it’s really the brand reputation that suffers the most. Much like the banks in the times of saloons and cowboys, enterprises are doing what they can to defend against malicious attempts, but sometimes the sheriff and his posse aren’t enough to stop a whole gang of bandits.
So what caused the 23 percent jump in the cost of a data breach? The Ponemon report points to just a few of the reasons: Attack volume, loss of business and budget expenditures on incident response. If we put those three ideas more simply, it’s that the rate of cyberattacks are going up, so therefore more companies will have their reputation tarnished and then fortify their response teams so that future breaches will be less severe.
Not all hope is lost, though. There are a few items that may help with lessening the impact of a breach:
An involved board of directors
When your company has the ability to get buy-in for security technology and staff at the very top, your breach severity drops dramatically. According to the Ponemon study, having an informed and attentive board of directors cuts the per-capita cost of breaches by $5.50.
Taking out a breach insurance policy
In years before the time of mega-breaches, taking out insurance policies for cybercrime had been likened to buying snake oil extract from a fast-talking stagecoach salesman that just came through town. After incidents concerning the likes of Target and Home Depot, more enterprises are taking out cyberinsurance policies, which – if you believe the study – cuts the breach cost per-capita by $4.40.
Well-trained incident response personnel
Just like late 1800s America, having an experienced team on hand to defend from attacks and deter criminal activity is an essential requirement for keeping you and yours safe. In the modern world, keeping a knowledgeable and diligent security staff up to date on current threats has its advantages: An incident response team cuts per-capita cost by $12.60, encryption knocks off another $12, employee training shaves $8 and an effective business continuity program reduces costs down another $7.10.
By becoming more diligent on these three fronts, enterprises of all sizes can make sure their proverbial townsfolk and their hard-earned greenbacks and property deeds stay safely locked behind the county bank vault and out of the hands of next raiding posse.
It’s time to circle the wagons and start taking breach protection more seriously.
Learn about CIS’s first five controls and examine what each control addresses.
Learn about how privacy programs and the importance of being prepared for a breach.
Learn about the constant vigilance of continuous security monitoring.