The numbers are terrifying: IBM and the Ponemon Institute say the average cost of a corporate data breach is now $3.92 million per incident. Digital Guardian says the costs are harder to quantify, changing by industry and ranging from $1.25 to $8.19 million.
But the latest studies show data breaches are gifts that keep on giving; much of the cost associated with these incidents occur even years later. Here are some tips for cutting these costs in your business.
Understanding the Costs of a Data Breach
Ask Capital One about the cumulative costs of the data breach that compromised 140,000 Social Security numbers and 80,000 bank account numbers as part of one of the largest data breaches to date. All in all, more than 100 million Capital One customers in the U.S. and six million in Canada were compromised. The damage and costs could be felt for years to come. CNN reports the costs to Capitol One should run between $100 million to $150 million, including customer notifications, credit monitoring, technical costs, legal support, and marketing designed to rebuild the brand.
While this is just one dramatic incident, it’s part of a larger trend that shows hacker activity costs about 12% more than it did five years ago.
Cutting the Costs of a Data Breach
Having a strong incident response is crucial to saving money after a data breach. The IMB Ponemon Institute’s report shows that companies took on average more than 200 days to identify a data breach. Then it took another 73 days to mitigate it. The time a hacker spends inside your network can be highly damaging. The study showed that companies able to contain the breach before the 200 days spent $1.23 million less to mitigate the damage.
Fast detection and corporate responsiveness are crucial when a breach occurs. Hackers are getting better at hiding their tracks, so corporate efforts to monitor networks and detect breaches using sophisticated technologies are important. Proactively hunting for the threats and taking steps to undo the damage starts with a solid disaster recovery plan.
Creating a disaster recovery plan that encompasses a data breach is just as important these days as planning for inclement weather. Most of the c-suite has heard the expression, “Failing to plan is like planning to fail.” This is nowhere truer than in the IT space, where data breaches have been increasing exponentially over the past decade. Today, the latest estimates suggest more than 10 billion consumer records were exposed during that timeframe.
Having a disaster recovery plan in place and then practicing it at least annually will save organizations $1.25 million of the average cost of a data breach, according to TechRepublic. Establishing an incident response team to identify and mitigate a data breach is the best way to contain costs. That’s because the less time a hacker spends in your environment, the more money you will save.
Blackstone helps companies mitigate the risk of a security breach by providing skilled technologists to help you stay one step ahead of hackers. Call us and keep your data safe.