Arraya Insights | July 14, 2016
What’s the best way to minimize the financial impact of a data breach? The easy answer? Don’t have one. While describing that ideal end state may be easy, anyone in IT security knows actually achieving it is not. For today’s cyber crooks, data breaches are a business and, according to one recent survey, business is booming.
In their recent report entitled the “2016 Cost of Data Breach Study: Global Analysis,” The Ponemon Institute and IBM investigated the financial implications of IT breaches. Chief among their findings was that the impact of data breaches continues to grow year over year. This most recent study found the average total cost of a data breach in the US is $7.01 million. That’s a 7.35% increase over the levels recorded last year and 20% over those seen in 2014.
Breaches haven’t only gotten more expensive, they’ve also gotten bigger. The average size of a data breach in terms of the number of files affected went up 3.2%.
Limit the consequences of a cybersecurity breach
Obviously keeping cyber crooks at arm’s length is the best way to keep breach-related costs down. However, there are other steps businesses can take. Here are three other ways organizations can limit the financial fallout from IT security incidents:
- Deploy an Incident Response Team – When a breach is uncovered, a business needs a team that can jump in and take ownership of the situation through to its conclusion. As per the above survey, the presence of an incident response team can have a very positive influence on the cost per capita (or cost per file affected) of a data breach. The average per capita cost is $158. With an incident response team, that average per capita cost drops to $142. This type of team has a greater impact on reducing costs than extensive use of encryption and even increased employee training. Tip: If your security team lacks the resources or the skill sets needed for this role, a Managed Services for Network Security provider like Arraya Solutions can help. These services connect customers with experts to more effectively manage security solutions, allowing onsite IT to better respond to threats.
- Catch and Contain Quickly – Unsurprisingly, sniffing out and bottling up breaches faster results in a smaller financial impact. Still, it’s helpful to have stats to clearly demonstrate the extent to which speed matters. According to the Ponemon/IBM study, the mean time to identify (MTTI) data breaches is 201 days. Breaches with an MTTI of greater than or equal to 100 days have an average total cost of $4.38 million while breaches with an MTTI of under a hundred days cost $3.23 million. As for mean time to contain (MTTC) breaches, the average is 70 days. Breaches with an MTTC greater than or equal to 30 days cost $4.35 million, while those with an MTTC of under 30 days cost $3.18 million. Tip: A best of breed Managed Services provider will keep eyes on your system 24/7/365. That way, whether an incident occurs during normal business hours or the dead of night, it won’t go unnoticed.
- Focus on Customer Retention – The bad PR and loss of trust stemming from a data breach can send customers into the hands of your competition. The Ponemon/IBM research shows US-based businesses are especially susceptible to customer turnover – and they’re the hardest hit financially by it. The US placed fourth on the list of the highest rates of abnormal customer churn over a three-year period. Also, the US led the way when it came to the financial impact caused by lost customers, losing $3.97 million worth of business post-data breach. The next closest area, the Arabian cluster, lost just $1.96 million. Tip: Customer retention efforts during and after an event like a breach are critical and it means a lot if IT is involved in those efforts. By taking the lead on nuts and bolts management efforts, a Managed Services team frees onsite IT to work with troubled customers as well as to devise big picture strategies to prevent future complications.
Bolster your network security capabilities
What to find how more about how Arraya’s award-winning Managed Services team can help your business achieve its security goals? Also, our team’s expertise extends beyond security, covering areas such as cloud, infrastructure, UC, Office 365, and more. Click HERE to start a conversation that can change the way you think about IT.