What Does Lax Security Really Cost Enterprise?
By: Mohie Ahmed
There is no end in sight when it comes to the continued growth of digital security breaches, as well-funded and determined bad actors reap the benefits of stealing data and holding organizations hostage by attacking and disabling systems and networks in even the most regulated industries.
With billions more endpoints connected, including databases, applications, enterprise systems, IoT, OT automation, and more, the risk of doing nothing is exponentially increasing. Controlling access across all networks, devices, and databases, locally and in the cloud, is fundamental to protecting everything an organization connects.
According to an IBM report, the average cost of a data breach in 2020 was $3.86 million, with the U.S. leading all other countries given an average cost per breach of $8.64 million. Healthcare industry breaches are the most expensive at $7.13 million on average, and overall, it took organizations 280 days to identify and contain a breach.
The Ponemon Institute, founded in 2002 by Dr. Larry Ponemon and considered one of the top research centers dedicated to privacy, data protection, and information security policy, also reports on annual trends, and its research quantifying the cost of a data breach has become valuable to organizations seeking to understand the business impact of lost or stolen data.
It recently surveyed 634 IT and IT security practitioners who are knowledgeable about their organizations’ cybersecurity technologies and processes, drawing on their experience in implementing and maintaining security technologies, conducting assessments, leading security teams, and testing controls.
The study concludes that when attacks are prevented from entering and causing any damage, “organizations can save resources, costs, damages, time, and reputation.”
To determine the economic value of prevention, respondents were first asked to estimate the cost of one of the following five types of attacks: phishing, zero-day, spyware, nation-state, and ransomware.
They were then asked to estimate what percentage of the cost is spent on each phase of the cybersecurity lifecycle, including prevention. Because there are fixed costs associated with the prevention phase of the cybersecurity lifecycle, such as in-house expertise and investments in technologies, there will be a cost even if the attack is stopped before doing damage.
For example, the average total cost of a phishing attack is $832,500, and of that, 82 percent is spent on detection, containment, recovery, and remediation. Respondents estimate 18 percent is spent on prevention. Thus, if the attack is prevented, the total cost saved would be $682,650 (82 percent of $832,500), according to the analysis.
While high-profile ransomware attacks have shut down more organizations this year, such as Colonial Pipeline, as criminal rings search for big paydays, it is impossible to tell just how many of these attacks are occurring and succeeding, and lawmakers are now moving to force enterprises and government agencies to disclose them to the public, or at least to law enforcement.
One cybersecurity company estimates that ransomware will cost the world approximately $20 billion this year, a 57x jump from 2015. The company's latest estimates are based on a 30% year-over-year growth in incidents.
Cybersecurity Ventures predicts that the damage caused by ransomware could cost the world $265 billion by 2031, based on this type of cybercrime attacking both enterprises and consumers at a rate of one attack every few seconds.
The Ironsphere business analysis team last year launched a free calculator as part of our mission to help organizations understand not only the aggregate numbers but also their specific risk profile based on the size, type, and vertical industry of their organization.
There has never been a more important time for security management teams to step up comprehensive measures to address these risks.
The Ironsphere team works with many large communications service providers, global banks, and healthcare organizations; while each is different, all share a heightened recognition of the risks of leaving systems, data, and information and productivity applications unsecured.
Most successful attacks exploit valid credentials that have been stolen or compromised in some way, which is why a modern and flexible Privileged Access Management (PAM) solution is fundamental to reducing risk, including growing fines and reputational damage, which are completely avoidable.
Managing privileged access, and granting and revoking it on an as-needed basis, can be handled by the right software, dramatically reducing the burden on IT administrators, who continue to struggle without this quality of automation and intelligence.
We are helping our clients improve their overall security posture by ensuring that privileged access is automatically revoked when the need for it no longer exists.
We also published a white paper on the topic of risk avoidance and risk management, which you can download for free here.
In a single, brief meeting, one of our analysts can take you through a detailed calculation based specifically on your organization’s attributes and illuminate the ROI associated with investing in the best PAM and related security solutions on the market.
Regulatory compliance is becoming harder, and IT security teams responsible for protecting networks, systems, data, and other assets are being hard-pressed to keep up with increasingly strict regulations, which are in place for all the right reasons – but can be daunting.
According to a Deloitte “Third Party Governance and Risk” report, 83% of organizations experienced a third-party incident in the past 3 years, 11% of them with a severe impact and 35% with a moderate impact on customer service, financial position, reputation, or regulatory compliance.
The global pandemic has heightened the requirement for more intelligent, sophisticated threat analytics, given the damage being done as attacks on networks, applications, and databases increase and new threats surface that could take down entire mission-critical systems, including those needed more than ever in times of medical and environmental crises.