Written by Patrick Kilgore presented by Chuck Leaver CEO Ziften.
Recently 2 significant reports were published that celebrated large anniversaries. On the one hand, we saw the Mary Meeker 20th yearly Internet research study. A part of the original industry analysis on the Internet was led by Meeker many years ago and this report saw her mark 20 years of influencing opinions on the Internet. And ten years after Meeker’s very first observations on the Internet there was the first research study of data breach expenses by the Ponemon Institute.
Just 10 years after the creation of the Internet it was revealed that there is an awful disadvantage to the service that supplies major advantages to our businesses and our lives. Today there are more annual research studies released about data breaches than the Internet itself. Just recently we invested hours evaluating and digesting two of the biggest data breach reports in the market, the already cited Ponemon report and the now very influential Verizon DBIR (the report is important enough simply to use an acronym).
There were intersections between the two reports, however the Verizon report is worthy of credit due to the fact that if you’ve been able to do anything in security for 10 years, you should be doing something right. There are numerous intriguing statistics in the report however the factors for the total costs of data breaches skyrocketing were of the most interest to us.
The Ponemon research studies have exposed three drivers behind the increased expense of a breach. The very first is that cyber attacks have increased in number and this has actually correlated in greater expenses to remediate these attacks. An increased per capita cost from $159 to $170 year on year has actually been cited. That’s a 5% jump from 42% to 47% of the overall root causes of a breach. Also, lost profits as a result of a data breach have actually increased. In the aggregate, this increased from $1.33 M to $1.57 M in 2015. The reasons are because of the abnormal customer turnover, the increased acquisition activity, and loss of goodwill that results from being the target of a harmful attack. However, the most interesting reason offered is that data breach expenses associated with detection and escalation have increased.
These costs consist of investigations and forensics, crisis group management and audits and evaluations. Now the pattern appears to be gathering pace at just shy of a whopping $1Billion. Organizations are only now beginning to deploy the systems required to continually monitor the endpoint and provide a clear picture of the origin and complete impact of a breach.
Organizations not only need to monitor the proliferation of devices in a BYOD world, but also aim to enhance the security resources they have actually already invested in to decrease the expenses of these investigations. Risks have to be stopped in real time, rather than recognized retrospectively.
“Avoidance might not be possible in the world we reside in.” With destructive threats ending up being more and more typical, organizations will need to develop their M.O. beyond standard AV services and look to the endpoint for total defense,” stated Larry Ponemon in his webcast with IBM.