News and Comment: IBM Study – Hidden Costs of Data Breaches Increase Expenses for Businesses

NEWS: IBM (NYSE: IBM) Security today announced the results of a global study examining the full financial impact of a data breach on a company’s bottom line. Overall, the study found that hidden costs…

HIGHLIGHTS:

  • Average cost of a data breach of 1 million compromised records is nearly $40 million
  • At 50 million records, the estimated total cost of a breach is $350 million
  • The vast majority of these breaches (10 out of 11) stemmed from malicious and criminal attacks (as opposed to system glitches or human error)
  • The average time to detect and contain a mega breach was 365 days – almost 100 days longer than a smaller-scale breach (266 days)

COMMENTS:

Christian Vezina, CISO, OneSpan:

“Why is it that in spite of ever-increasing spending in cybersecurity, organizations worldwide are still hit with major data breaches? The security perimeter has dissolved and as a result the attack surface has increased way beyond what organizations want to realize. With the prevalence of IoT, increased mobility and cloud usage, the use of complex supply chains, and the increased speed of business, organizations can’t get a complete grasp over their attack surface. Organizations will need to re-think their cybersecurity investments and prioritize their initiatives carefully. If what you do doesn’t work, you may want to change your approach. As you cannot possibly protect from everything, you will probably be better off shifting your cybersecurity investments and approach from ‘prevention only’ (which seems to be failing) to a ‘detect and respond’ approach.”

Jonathan Sander, CMO, STEALTHbits Technologies:

“One thing we see is what turns a run-of-the-mill breach into a mega-breach is the attacker getting insider access. Sometimes that happens because it’s insider threat and they had it all along. Most of the time an attacker captures insider access through weak configurations and exploitation of busy users. With insider-level access, the bad guys can strike at less well secured but still information-rich targets like documents, scanned information, and other file data. If you look at all the largest breaches that have hit the headlines, they all included attackers running off with saved emails, scanned contracts, and simple files filled with passwords. That stuff is truly toxic and is only available once the bad guys make that leap to insider status and turn these incidents into mega-breaches.”