Cybersecurity
4 Proven Ways to Mitigate the Costs of a Data Breach
No business wants to suffer a data breach. But in today's environment, they are difficult to avoid entirely.
No business wants to suffer a data breach. But in today's environment, they are difficult to avoid entirely. Approximately 83% of organizations have experienced more than one data breach, according to the IBM Security 2022 Cost of a Data Breach Report. Breaches hurt businesses in multiple ways: immediate remediation costs, lost productivity, lost business, damaged customer trust, and potentially significant legal costs.
According to IBM Security's report, the cost of a data breach climbed again in 2022. The global average cost of one breach is now $4.35 million, up 2.6% from the prior year. For U.S. businesses, the average rises to $9.44 million. Costs for smaller companies tend to be lower, but breaches are often more devastating to small and mid-sized businesses because they lack the resources larger companies have to offset those costs. It is estimated that 60% of small companies go out of business within six months of a cybersecurity breach.
Companies do not have to accept breach damage as inevitable. There are proven tactics that can significantly mitigate the costs, and all of the following findings come directly from the IBM Security report.
1. Use a Hybrid Cloud Approach. Most organizations use the cloud for data storage and business processes, and researchers found that 45% of all data breaches happen in the cloud. However, not all cloud strategies carry equal risk. Breaches in the public cloud cost significantly more than those in a hybrid cloud environment, which combines public cloud with a private cloud. Interestingly, the hybrid approach also outperformed a private-cloud-only strategy in terms of breach cost reduction.
2. Put an Incident Response Plan in Place and Practice It. You do not need to be a large enterprise to have an incident response (IR) plan. An IR plan is simply a documented set of instructions for employees to follow when a cybersecurity incident occurs. For example, in the case of ransomware, the first step should be disconnecting the infected device from the network. Having a practiced incident response plan reduces the cost of a data breach by an average of $2.66 million per incident by improving the speed and effectiveness of the response.
3. Adopt a Zero Trust Security Approach. Zero trust is a collection of security protocols that work together to fortify a network. These include multi-factor authentication, application safelisting, and contextual user authentication. Approximately 79% of critical infrastructure organizations have not yet adopted zero trust. Organizations that do not deploy zero trust tactics pay about $1 million more per data breach on average.
4. Use Tools with Security AI and Automation. Using the right security tools can make a significant difference in breach costs. Tools that deploy security AI and automation brought the biggest cost savings in the IBM report, with data breach expenses lowered by 65.2% compared to organizations without these capabilities. These types of solutions include advanced threat protection (ATP) and tools that automatically hunt out threats and initiate a response.
How to Get Started Improving Your Cyber Resilience.
Many of these breach cost reduction strategies are simply cybersecurity best practices. You can start by addressing the lower-effort items first. Multi-factor authentication, for example, is low-cost and relatively easy to implement, yet it significantly reduces the risk of a cloud breach. Longer-term projects, such as creating and drilling an incident response plan, can be built out over time with the help of a trusted IT partner.
Need Help Improving Your Security and Reducing Risk?
The team at Cyber One Solutions can help you put together a cybersecurity roadmap that addresses your most immediate vulnerabilities and builds toward stronger long-term resilience. Contact us today to schedule a chat.