It’s well known that a data breach can have a huge impact on an organization. From the initial discovery and through forensic investigation and remediation, a data breach places a huge amount of immediate strain on IT resources. Then, there are the follow-on costs: loss of business, reputational damage and the likelihood of fines levied by data watchdogs for breach of regulations.
The financial and other impacts of a data breach can be quite severe as highlighted recently in Ponemon’s recent Cost of a Data Breach report. Sponsored by IBM Security, Ponemon analyzed hundreds of cost factors relating to breaches, including technical investigations, recovery, notifications, legal and regulatory activities, and the cost of lost business and reputation. It found that the average cost of a breach totaled $3.86m – an increase of 6% compared to 2017.
Containing the cost
One of the key factors behind these punishing costs was the amount of time it took to identify a breach. On average, according to the report, organizations required 197 days to identify a breach and a further 69 days to contain it upon detection. Unsurprisingly, the report found that the longer it took to contain the breach, the greater the cost of the incident. Organizations that contained breaches in fewer than 30 days saved more than $1M overall per breach compared to those that required longer than a month.
The report also found that security automation is another major contributor to limit how much a data breach ultimately ends up costing. Organization’s that deployed automated security technologies saved over $1.5m on the total cost of a breach compared with those that had not deployed security automation at all.
The automation advantage
Automating security processes frees up skilled IT and security staff to focus on remediation, enabling them to contain a breach far more efficiently and effectively while ensuring that overall security posture is not reduced. Furthermore, an automation solution, such as security policy management, offers greater visibility across the network by providing a detailed map of applications and connectivity flows. Having full visibility of the network and application connectivity enables security teams to respond to incidents more efficiently and effectively. Blind spots delay investigation of incidents after the initial alert, so improving visibility can significantly improve containment time, reducing the overall cost of any breach, as shown in the Ponemon report.
Mitigating the impact
In addition to achieving the superior visibility that reduces containment times, there are additional steps that organizations can take to help improve detection times and mitigate the potential damage of any data breach. Let’s look at some of the measures all organizations should take:
The threat of a data breach never going to disappear, but by taking mitigating measures and capitalizing on the benefits of automation, organizations can ensure that the cost and impact of breaches will be minimized.
Receive notifications of new posts by email.