Data breaches are costing organisations around the world more than ever. The latest annual study from IBM claims an increase of 6% from last year to reach $3.9m per victim enterprise today. In some European countries the figure is even higher. The good news is that there’s plenty of insight in the report that should help CISOs improve their cybersecurity strategies. However, as the latest breach revelations have shown, it’s not just your organisation you need to worry about but also your suppliers.
On the rise
Costs associated with breaches can range from the direct (remediation and clean-up, legal bills and ID protection services for victims) to the indirect (lost customers, damaged reputation and employee productivity losses). Although the US topped the country list in terms of average breach cost per organisation ($7.9m), Germany ($4.7m), France ($4.3m), the UK ($3.7m) and Italy ($3.4m) all came in the top half of the global table.
Mega breaches of one million records can cost an estimated $39m, while the total cost of 50m compromised records can be as high as $350m. Unfortunately, these major incidents are no longer so few and far between.
It’s not all doom and gloom, though, with IBM sharing some useful tips on how organisations can look to reduce these losses. It’s well understood by now that breaches are inevitable in the modern, digital-first world. But there are still things you can do to minimise the chance of them happening or, in a worst-case scenario, reduce their impact. These include:
Staff training: This can lower the per-record cost of a breach by as much as $9, according to IBM. But not all training programmes are created equal. To stand the best chance of changing user behaviour, consider providers that offer real-world phishing simulations which can be tweaked over time as the threat landscape changes. Training should be delivered in small, easy-to-digest lessons and provide feedback so managers can check how well their efforts are progressing.
DLP: Data loss prevention technologies can reduce breach costs by $7/record by spotting and blocking sensitive data leaving the organisation. They are especially useful in preventing accidental data loss: IBM claims as many as 27% of global breaches are caused by human error.
AI tools: These can offer firms an advantage in spotting patterns indicative of a breach which human eyes and traditional tools might miss. AI can also be set to work to learn normal email behaviour in order to better spot phishing attacks. The technology as a whole can apparently reduce breach costs by $8 per record.
Encryption everywhere: It goes without saying that by implementing strong encryption at rest and in transit, you can go a long way toward mitigating the worst effects of a breach.
Incident response: Having a well-drilled incident response team is the single most effective way to reduce breach costs — by $14/record, according to IBM. In fact, enterprises that contained a breach in under 30 days saved over $1 million versus those that took more than 30 days, according to the report. Yet the mean time to containment still stands at a disappointing 69 days.
Beware the supply chain
However, there’s another factor to bear in mind when building out an effective data protection and breach response programme. Recent high-profile breaches have shown us that the supply chain remains a major source of risk for all organisations. In fact, it was revealed that one threat group, known as Magecart, has been specifically targeting digital suppliers in order to compromise the code they develop for client e-commerce sites, so that it “skims” customer card details virtually as they pay online.
This global campaign is thought to have affected as many as 800 online retail sites, including some belonging to major brands such as Ticketmaster. It’s another reminder that you must extend the same high security standards to your digital supply chain. Regular audits and vulnerability scans are essential to ensure ongoing compliance. This is not only best practice but also required by the GDPR, which was designed specifically to increase accountability and transparency in data protection.
No organisation today can claim to be 100% breach-proof. But by taking a risk-centric approach to managing suppliers and putting in place the best practice security processes outlined above, you can help to minimise the chances of being hit and limit any resulting costs. Consolidating on fewer vendors is always a good idea in order to reduce costs, close security gaps and reduce the admin burden for stretched IT teams.
Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.