4 Proven Ways to Mitigate the Costs of a Data Breach

No business wants to suffer a data breach. But  unfortunately, in today’s environment, it’s difficult to completely avoid  them. Approximately 83% of organizations have experienced more than one data  breach. (IBM Security 2022 Cost of a Data Breach Report)

These breaches hurt businesses in many ways.  First, there is the immediate cost of remediating the breach. Then, there are  the lost productivity costs. You can add lost business on top of that, and  lost customer trust. A business could also have extensive legal costs  associated with a breach.

According to IBM Security’s report, the cost of a  data breach climbed again in 2022. The global cost of one breach is now $4.35  million, up 2.6% from last year. If your business is in the U.S., the cost  rises to $9.44 million. In Canada, the average data breach costs companies  $5.64 million.

Costs for smaller companies tend to be a little  lower. But breaches are often more devastating to SMBs. They don’t have the  same resources that larger companies do to offset all those costs.

It’s estimated that 60% of  small companies go out of business within six months of a cybersecurity  breach.

Companies don’t need to resign themselves to the  impending doom of a data breach. There are some proven tactics they can take  to mitigate the costs. These cybersecurity practices can limit the damage of  a cyberattack.  

All these findings come from the IBM Security  report. They include hard facts on the benefits of bolstering your  cybersecurity strategy.

Cybersecurity  Tactics to Reduce the Impact of a Breach

Use a  Hybrid Cloud Approach

Most organizations use the cloud for data storage  and business processes. Researchers found that 45% of all data breaches  happen in the cloud. But all cloud strategies are not created equally.

Breaches in the public cloud cost significantly  more than those in a hybrid cloud. What is a hybrid cloud? It means that some  data and processes are in a public cloud, and some are in a private cloud  environment.

What some may find surprising is that using a  hybrid cloud approach was also better than a private cloud.

Graph from: IBM  Security/Ponemon Institute 2022 Cost  of a Data Breach Report

Put in  Place an Incident Response Plan & Practice It

You don’t need to be a large enterprise to create  an incident response (IR) plan. The IR plan is simply a set of instructions.  It's for employees to follow should any number of cybersecurity incidents  occur.

Here is an example. In the case of ransomware,  the first step should be disconnecting the infected device. IR plans improve  the speed and effectiveness of a response in the face of a security crisis.

Having a practiced incident response plan reduces  the cost of a data breach. It lowers it by an average of $2.66 million per incident.

Adopt a  Zero Trust Security Approach

Zero trust is a collection of security protocols  that work together to fortify a network. An example of a few of these are:

·          Multi-factor  authentication

·          Application safelisting

·          Contextual user authentication

Approximately 79% of critical infrastructure  organizations haven’t adopted zero trust. Doing so can significantly reduce  data breach costs. Organizations that don’t deploy zero trust tactics pay  about $1 million more per data breach.  

Use Tools  with Security AI & Automation

Using the right security tools can make a big  difference in the cost incurred during a data breach. Using tools that deploy  security AI and automation brought the biggest cost savings.

Data breach expense lowered by 65.2% thanks to  security AI and automation solutions. These types of solutions include tools  like advanced threat protection (ATP). They can also include applications  that hunt out threats and automate the response.  

How to  Get Started Improving Your Cyber Resilience

Many of these ways to lower data breach costs are  simply best practices. You can get started by taking them one at a time and  rolling out upgrades to your cybersecurity strategy.

Working with a trusted IT provider, put together  a roadmap. Address the “low-hanging fruit” first. Then, move on to  longer-term projects.

As an example, “low-hanging fruit” would be  putting multi-factor authentication in place. It’s low-cost and easy to put  in place. It also significantly reduces the risk of a cloud breach.

A longer-term project might be creating an  incident response plan. Then, you would set up a schedule to have your team  drill on the plan regularly. During those drills, you could work out any  kinks.

Need  Help Improving Your Security & Reducing Risk?

Working with a trusted IT partner takes a lot of  the security burden off your shoulders. Give us a call today to schedule a  chat about a cybersecurity roadmap.


Article used with permission from The Technology Press.