The Rising Cost of Data Breaches and Tips for Prevention
Data breaches have a dual impact differing from other types of cyberattacks in that they put attacked organizations’ customers, employees, and vendors at future risk for identity theft and fraud. According to IBM’s 2021 Cost of a Data Breach Report, businesses lost an average of $180 per record of Personally Identifiable Information (PII) for stolen or lost records. Even anonymized data costs organizations suffered losses of around $157 per record.
Data breaches are also different because they don’t necessarily have to be aware of the attack. In April of last year, it was reported that over 550 million Facebook records were scraped. If companies accidentally leave customer or employee data exposed on the open internet, data scraping tools can capture that information in seconds.
A Growing List of Data Breach Attacks
The cost of a data breach is rising. We saw incredibly high-impact data breaches in 2020, such as when Russian intelligence slipped malware into a routine Solar Winds software update, gaining access to data in multiple government agencies, including the CISA. Also in 2020, Garmin was attacked by a Russian hacking group with malware that decrypted all of their files, shutting their business down completely for several days. Garmin reportedly paid the attackers around $10 million for the decryption key. Even with these prominent and costly attacks in 2020, the average cost of a data breach increased by 10% from 2020 to 2021, bringing the average cost to $4.24 million per breach.
In May of 2021, we witnessed the ransomware attack on Colonial Pipeline, an attack that impacted gas prices for millions of consumers. The company paid hackers around $5 million after they had successfully shut down the pipeline for six days. The attack was the result of a single compromised VPN password. In June, Volkswagen reported that more than 3 million customers and prospective customers had their data exposed online at some point within a 9-month period when a sales and marketing database was left unsecured. In August, T-Mobile reported that data from 100 million customers had been stolen, including driver’s license and social security numbers. Thirty million of these were found for sale on the Dark Web. In December, Kronos, an HR and workforce management software firm, suffered a ransomware attack that compromised the data of their clients and their employees, delaying city and hospital worker’s paychecks for more than a month. The list goes on.
Why Are Data Breaches So Costly?
Part of the reason data breaches are so expensive is because they take an average of 287 days to identify and contain. By the time this happens, millions of records can be stolen without anyone noticing. Data breach costs include crisis management and communication (such as notifying those who have been compromised), business disruption, lost customers, reputation damage, reissuing customer accounts, and legal and regulatory costs. For large corporations, it’s easy to see how data breaches can cost upwards of $5 million.
Data Breach Vectors and Tips For Cybersecurity Prevention
Implement a Zero Trust Security Framework
With an increasingly distributed workforce, increased cloud adoption, and an ever-growing Internet of Things, it will become essential to adopt and implement a zero-trust security framework. Zero trust assumes there is no network perimeter. According to NIST, “Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location.” Access to resources is granted on a per session basis and is policy-based. Users are only granted the minimum permissions needed to complete their tasks. To establish a zero-trust framework, the network security team must implement continuous network monitoring and continuous authentication. By constantly monitoring networks, devices, and behaviors, a prompt for reauthentication can occur only when an anomaly is detected – for example, a user changes over to a different wi-fi network or device.
Provide Education on Phishing
According to IBM’s Cost of a Data Breach Report, compromised credentials and phishing were the methods used in nearly 40% of breaches. The importance of creating a password with a certain level of complexity may be obvious to some, but many employees are still using easy-to-guess passwords.
NordPass analyzed data from 15,603,438 breaches and found that 20% of passwords maintained by employees of Fortune 500 companies were the name of the company. Even more shocking, the word “password” is still a commonly used password.
Educate employees on password hacks and password best practices on a regular basis. It’s also necessary to regularly provide employees information about phishing attacks, how they occur, and how to prevent them. Send staff test emails to make them more aware of what phishing attempts look like.
Diversify Your Infrastructure
IBM’s report found that 17% of data breaches occurred due to cloud misconfiguration. They also found costs were much higher for companies with all public cloud infrastructures ($4.8 M) compared to companies with hybrid cloud ($3.6 M) and all private cloud infrastructures ($4.5 M). While a hybrid infrastructure can introduce complexity, diversification allows companies not to put all their eggs (or all their data) in one basket. Mitigate complexity by using network monitoring tools that exchange data across systems. Also, back up all critical data. Ensure that all data is encrypted in the cloud and isolate the most critical infrastructure.
Mitigate with Incident Response
To mitigate the cost and other negative effects of data breaches and attacks, it’s important to develop an incident response plan and test this plan on an annual basis. According to IBM’s Cost of a Data Breach Report, having and regularly testing an incident response plan saved organizations approximately $2 million per breach.
A well-developed incident response plan includes forming an incident response team and preparing each team member in their role with regular drills. Incident response teams should be trained to identify breaches, contain them, eradicate them, and recover and restore systems. It’s also important to have a crisis communication plan in place that includes notifications and updates for affected customers as well as media and social media communications.
Security Advantages With Colocation Data Center Services
Colocation offers several benefits from a security perspective. While many cyberattacks involve software-based attack vectors that work equally well regardless of which type of facility a workload is hosted in, investing in security to protect your IT assets is a crucial aspect of cybersecurity prevention.
One of the least mentioned advantages of colocation facilities to protect your data assets from a cyber-attack comes from network security in colocation facilities. Colocation data centers have highly complex and if desired, highly private networking configurations to connect workloads from one data center to another, or to your on-premise and cloud environments. Advanced DDoS protection at Element Critical data centers can provide unmatched network protection and industry-leading mitigation. Learn more at [email protected]