The longer it takes to identify and remediate a data breach, the more severe the potential implications for your organisation. That’s why early breach detection should be a top priority for any responsible business.
First comes the immediate operational impact. If the breach involves having to take key systems offline, each hour of downtime can mean loss of revenue. The better you are at spotting and responding to the problem, the quicker you can plug the loss.
Then there are the wider commercial and reputational consequences surrounding data security. Privacy legislation - most notably GDPR - requires you to be proactive in protecting personal data. You need to identify whose data has been impacted, and you generally need to notify persons affected, along with the regulator. Delays can lead to fines, public criticism, legal claims, and, most importantly, loss of customer trust. A shorter data breach response time can dramatically reduce the amount of damage suffered, to the reputation of the company.
In their 2019 data breach study, the Ponemon Institute and IBM recently highlighted what this means for businesses. The global average total cost of a data breach stands at $3.92m. For smaller organisations, the average total cost per employee is in excess of $3,500.
Here’s why early detection is so valuable, and how you can keep your business safe.
Early detection should inform you of the nature of every cyber breach (e.g. credential theft, malware, human error or unauthorised access by a rogue insider). It also enables you to work out what data has been impacted, and whether it’s an on-going leak or a one-off event.
On average it takes a staggering 297 days for an enterprise to identify a breach from when it actually occurs. The earlier the detection, the quicker you can take action to prevent any on-going loss of data. The longer it takes to detect, the higher the financial costs of a breach. Advanced breach detection technologies are available, and provide the early warning necessary for this mitigation to take place.
Financial gain is a common motivation for hackers. They lift a haul of customer credentials, including contact details, passwords and user names from a company’s database. Then they offer this information for sale over the Dark Web, to be exploited by other users.
The earlier your organisation is aware of a hack, the quicker you can notify affected parties. You can advise them to change their passwords and take other remedial action. In this way, you are in control of the message. Reputation-wise, this is of course far preferable to your customers finding out about a problem by reading the news.
Almost a third of customers are willing to switch companies if they think their data isn’t safe.
Major data breaches happen - and customers realise this. But, if your company is seen as being too slow to act or to keep them informed, it’s a pretty strong incentive to look for an alternative. Savvy organisations recognise the value of having a robust data breach response plan, and communicate this across all key stakeholders, well in advance of any requirement to execute on it.
GDPR requires you to have reasonable measures in place to minimise the risks of personal data breaches happening in the first place. If a significant breach does occur, the law requires you to notify affected persons, along with the regulator.
With embedded threat intelligence, and a robust early detection strategy in place, it makes it easier to show the regulator you have acted reasonably. It can increase your ability to provide the ICO with a comprehensive account of what happened, what you’ve done about it - and what you’ve learned. All of this can make your dealings with the ICO less time consuming, costly and stressful.
There isn’t a single ‘quick fix’ to magically improve your data breach response time.
Companies need to adopt a range of measures, specific to their risks. It starts with modern data breach detection tools and improved risk intelligence: i.e. monitoring the landscape for relevant data breach risks. You may already be monitoring your own network and systems for the type of anomalies that might indicate a breach has occurred. You also need the ability to monitor outside your network (on the surface, deep and Dark Web) to determine if your critical information is out there.
If you're concerned at your level of threat intelligence, here are some specific actions to take:
Consider the level of security risk for your organisation, and assess your current breach readiness via a cyber threat assessment.
Compile and implement a vigorous data security strategy and data breach response plan, to ensure optimum protection to the reputation of your organisation, in the event of a cyber breach or data leak.
Evaluate modern breach detection tools for suitability in your situation.
Leverage global threat intelligence and minimise the risk of major data breaches in future.
To discover how timely Digital Risk Protection can be put to work in your organisation, and to evaluate your own cyber security requirements, speak to us today.