A recent study by IBM has found that hidden costs in data breaches are extremely expensive to manage.
Over 1 million records derived from businesses over mega breaches can cost up to US$40million dollars, according to the study.
Ilia Kolochenko, CEO and founder of web security company High-Tech Bridge, commented: “Breach investigation and remediation can be quite expensive and require partial shutdown of operations and interruption of business-critical processes. Even worse, you never know how long the impact will last: in some cases, people may quickly forget about the incident, in others, it can take decades to expunge negative memories and stereotypes.”
Security automation tools
For the first time, IBM examined the effect of security automation tools which use artificial intelligence, machine learning, analytics and orchestration to augment or replace human intervention in the identification and containment of a breach.
The analysis found that the organisations that have extensively deployed automated security technologies saved over US$1.5million on the total cost of a breach.
“AI technologies are mainly used for intelligent automation and acceleration of various complicated tasks and processes. However, per se, AI is not a panacea, and if desultory applied – worth virtually nothing. Most of the breached companies failed not because of bad technologies they use, but to their overall lack of coherent cyber security strategy,” continued Kolochenko.
“Many large companies don’t even have an up-to-date and comprehensive inventory of their digital assets with business-critical data, let alone properly implemented continuous security monitoring and anomaly detection. Cyber security should start with a holistic risk assessment and coherent risk mitigation strategy, not with a particular technology that may be unsuitable for your company, people or processes.”
IBM also analysed the publicly reported costs of several high profile mega breaches and found the reported numbers are often less than the average cost found in the study. This is likely due to publicly reported cost often being limited to direct costs, such as technology and services to recover from the breach, legal and regulatory fees, and reparations to customers.
“Organisations need to build a comprehensive and up-to-date inventory of all their digital assets: software, hardware, users, data and licenses. Then assess and prioritise the risks and threats to these assets,” advised Kolochenko.
He also noted that a risk-based cybersecurity roadmap should be launched and continuously measured and that it’s important to emphasise continuous security monitoring, anomaly detection, strong authentication and role-based access controls.
Written by Leah Alger