[BreachExchange] Ways to Reduce the Exorbitant Costs of a Data Breach

Destry Winant destry at riskbasedsecurity.com
Mon Nov 19 20:02:42 EST 2018


https://securityboulevard.com/2018/11/ways-to-reduce-the-exorbitant-costs-of-a-data-breach/

Reducing the cost of data breaches is a vital consideration for any
good security strategy. In fact, when a breach occurs, many factors
can influence its cost, either increasing or decreasing the final
amount. Some of those aspects are external to the company, such as
laws and regulations, and must be accepted as they are.

However, there are several factors that fall within the boundaries of
company control and, if properly used, can greatly reduce the impact
of a data breach. These factors can turn a crisis that could put a
large enterprise out of business into a manageable situation.

Here are six ways you can reduce the cost of data breaches at your organization.

1. Deploy an Incident Response Team

Assembling an incident response team involves tasks such as:

- Developing an incident response policy and plan
- Creating formal procedures for performing incident handling and reporting
- Determining the necessary guidelines for communicating with other
parties, both internal (e.g., the legal department) and external (e.g.,
law enforcement agencies)
- Defining the response team structure and required training

Once this planning phase is complete, an incident response team works
by detecting, analyzing and trying to contain and eradicate any
possible breach situation. Even in cases where a breach is detected
after information has already left the organization’s control, the
incident response team can still help by cutting off the avenues for
further leaks, while also providing essential information to the other
teams that reduce the incident's impact (e.g., crisis management,
communications, legal).

According to the 2017 Cost of Data Breach Study, the use of a fully
functional incident response team reduces the cost of data breaches by
$19 — from $141 to $122 (average cost per lost or stolen record).

2. Take Advantage of Encryption Technology

Encryption plays a key role in reducing the chances of a data leak.
It can protect both data at rest (e.g., files saved on a computer,
server, mobile device or in the cloud) and data in transit (e.g.,
information downloaded or uploaded over the Internet, used by an
application, or sent over email or instant messenger).

In either case, if a cybercriminal captures encrypted information it
will be of no use to him unless he also has the means to read it
(e.g., by obtaining the private encryption keys or by exploiting an
outdated encryption algorithm). This makes the extensive use of
encryption throughout a company a great strategy for reducing the
average cost of a data breach.
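The property the paragraph relies on, that a captured ciphertext is useless without the key, is easy to demonstrate for data at rest. The following Go program is an added example written for this post, not code from the article or from Risk Based Security; it uses AES-256-GCM from Go's standard library and assumes the key is kept somewhere other than beside the data (a key-management service or HSM), which is exactly the "means to read it" the article warns about.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// NewKey returns a fresh random 256-bit key. In a real deployment the key
// is held by a KMS or HSM, never stored next to the records it protects.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

// Seal encrypts one record with AES-256-GCM, an authenticated mode: the
// output hides the plaintext and also detects any modification. The random
// nonce is prepended so the caller stores a single blob.
func Seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// gcm.Seal appends ciphertext and tag to the nonce passed as dst.
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal. It returns an error (never partial plaintext) when the
// key is wrong, the blob was tampered with, or the blob is truncated.
func Open(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short to contain a nonce")
	}
	nonce, ciphertext := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ciphertext, nil)
}

func main() {
	key, _ := NewKey()
	// Constructed sample record; not real customer data.
	record := []byte("customer=alice; dob=1990-01-01; tier=gold")

	blob, _ := Seal(key, record)
	fmt.Printf("stored blob (%d bytes): %x...\n", len(blob), blob[:8])

	// Legitimate reader with the right key.
	pt, err := Open(key, blob)
	fmt.Printf("right key:   %q err=%v\n", pt, err)

	// An attacker who captured the blob but not the key.
	other, _ := NewKey()
	_, err = Open(other, blob)
	fmt.Printf("wrong key:   err=%v\n", err)

	// An attacker who tries to alter the stored record in place.
	blob[len(blob)-1] ^= 0x01
	_, err = Open(key, blob)
	fmt.Printf("tampered:    err=%v\n", err)
}
```

The two failure paths are the ones a defender cares about: the wrong key yields an authentication error rather than garbage plaintext, and a single flipped byte is rejected outright, so a leaked disk image or backup of these blobs reveals nothing usable as long as the key itself stays out of the attacker's reach.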

3. Provide Security Awareness Training for Employees & Other Related Parties

Employee security awareness training is yet another great strategy for
reducing the chances of a data breach. For starters, workers should be
made aware of corporate security policies and basic security
principles, including directives (e.g., restrictions on copying files
to USB drives or sending email attachments) and the consequences of
violating the rules. This should reduce the likelihood of insiders
taking part, either willingly or by accident, in a breach.

Security awareness training can also greatly reduce the success rate
of attacks commonly associated with data breaches like phishing. Even
when a cybercriminal successfully carries out an attack, it is far
more likely that a security-aware employee will report the attack to
the incident response team.

4. Create a Data Classification Policy & Use a Good Data Loss
Prevention (DLP) Solution

Data classification basically means categorizing information based on
specific criteria (e.g., public, internal use or confidential) in
order to ensure it can be protected in accordance with its value to
the company. This process helps organizations determine what
information is considered sensitive, who should have access to it, and
how it should be handled, copied or discarded.

Once sensitive information has been identified, it is also possible to
use a DLP solution to help detect and prevent data breaches. For
example, a DLP can detect when confidential information is copied to a
USB drive or sent by email. In both cases, a good DLP solution could
either send a notification to the incident response team for
investigation, prevent the files from being copied, or simply ask for
further approval before the information is copied or the email is
sent. In terms of reducing the cost of data breaches, DLP solutions
can be very effective, as long as the information has been properly
classified and identified.
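The two steps described above, classifying a document and then choosing a DLP response for an egress event, fit in a small decision engine. The Go program below is an added example for this post, not code from the article or from any DLP product; the classification labels match the article's three levels, while the detection rules (a "Classification:" header, an "internal use only" marker, and a US-SSN-shaped number standing in for regulated personal data), the egress channels and the response policy are all assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Label is a classification level from the article's policy.
type Label int

const (
	Public Label = iota
	Internal
	Confidential
)

func (l Label) String() string {
	return [...]string{"public", "internal", "confidential"}[l]
}

// Detection rules constructed for this example.
var (
	headerRe   = regexp.MustCompile(`(?im)^classification:\s*(public|internal|confidential)\b`)
	internalRe = regexp.MustCompile(`(?i)\binternal use only\b`)
	ssnRe      = regexp.MustCompile(`\b\d{3}-\d{2}-\d{4}\b`)
)

// Classify returns the higher of the owner-declared label and the label
// implied by the content, so a mislabelled document cannot downgrade itself.
func Classify(doc string) Label {
	declared := Public
	if m := headerRe.FindStringSubmatch(doc); m != nil {
		switch strings.ToLower(m[1]) {
		case "internal":
			declared = Internal
		case "confidential":
			declared = Confidential
		}
	}
	implied := Public
	switch {
	case ssnRe.MatchString(doc):
		implied = Confidential
	case internalRe.MatchString(doc):
		implied = Internal
	}
	if implied > declared {
		return implied
	}
	return declared
}

// Channel is the egress path the DLP sensor observed.
type Channel string

const (
	USBCopy   Channel = "usb_copy"
	EmailSend Channel = "email_send"
)

// Action is one of the responses the article lists for a DLP hit.
type Action string

const (
	Allow           Action = "allow"
	Notify          Action = "notify_ir_team"
	RequireApproval Action = "require_approval"
	Block           Action = "block"
)

// Decide applies an assumed policy: confidential data never leaves on
// removable media, needs approval before being mailed outside the company,
// and is logged for the incident response team even when mailed internally;
// internal data triggers a notification when it leaves; public data flows.
func Decide(label Label, ch Channel, external bool) Action {
	switch label {
	case Confidential:
		switch {
		case ch == USBCopy:
			return Block
		case external:
			return RequireApproval
		default:
			return Notify
		}
	case Internal:
		if ch == USBCopy || external {
			return Notify
		}
	}
	return Allow
}

func main() {
	// Constructed egress events, not real traffic.
	events := []struct {
		doc      string
		ch       Channel
		external bool
	}{
		{"Classification: Public\nQ3 press release draft", EmailSend, true},
		{"Internal use only\nCafeteria menu", USBCopy, false},
		{"Classification: Internal\nPayroll export: 123-45-6789", EmailSend, true},
		{"Classification: Confidential\nBoard minutes", USBCopy, false},
	}
	for _, e := range events {
		label := Classify(e.doc)
		fmt.Printf("%-12s %-10s external=%-5v -> %s\n",
			label, e.ch, e.external, Decide(label, e.ch, e.external))
	}
}
```

The third sample event is the case the article's closing caveat is about: the owner labelled the payroll export "Internal", but the content rule raises it to confidential and the outbound email is held for approval instead of being merely logged. Without that content check, the DLP would be only as good as the labels people remember to apply.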

