[BreachExchange] Top 5 Ways to Reduce the Cost of a Data Breach

Audrey McNeil audrey at riskbasedsecurity.com
Mon Feb 12 19:01:51 EST 2018


According to the 2017 Cost of Data Breach Study, data breach costs in 2017
averaged $3.62 million. This is a large sum, but depending on factors such
as the number of records exposed or the nature of the leaked information,
losses can be much greater and even include reputational damages that may
take several years to reverse.

Reducing the cost of data breaches is a vital consideration for any good
security strategy. In fact, when a breach occurs, many factors can
influence its cost, either increasing or decreasing the final amount. Some
of those aspects are external to the company, such as laws and regulations,
and must be accepted as they are.

However, there are several factors that fall within the boundaries of
company control and, if properly used, can greatly reduce the impact of a
data breach. These factors can turn a crisis that could put a large
enterprise out of business into a manageable situation.

Here are six ways you can reduce the cost of data breaches at your organization.

1. Deploy an Incident Response Team

Assembling an incident response team involves tasks such as:

- Developing an incident response policy and plan
- Creating formal procedures for performing incident handling and reporting
- Determining the necessary guidelines for communicating with other
parties, both internal (e.g., legal department) and external (e.g., law
enforcement agencies)
- Defining the response team structure and required training

Once this planning phase is complete, an incident response team works by
detecting, analyzing and trying to contain and eradicate any possible
breach situation. Even in cases where a breach is detected after
information leaves the organization’s control, the incident response team
can still help by eliminating the possibility of further leaks, while also
providing essential information to other teams to reduce the incident
impact (e.g., crisis management, communications, legal).

According to the 2017 Cost of Data Breach Study, the use of a fully
functional incident response team reduces the cost of data breaches by $19
— from $141 to $122 (average cost per lost or stolen record).

2. Take Advantage of Encryption Technology

Encryption plays a key role in reducing the chances of a data leak. For
instance, it can protect both data at rest (e.g., files saved on a
computer, server, mobile device or in the cloud) and data in transit (e.g.,
information downloaded or uploaded over the Internet, used by an
application, sent over email or instant messenger).

In either case, if a cybercriminal captures encrypted information it will
be of no use, provided he does not have the means to read it (e.g., using
stolen private encryption keys or exploiting an outdated encryption
algorithm). This makes the extensive use of encryption throughout a company
a great strategy for reducing the average cost of a data breach.

3. Provide Security Awareness Training for Employees & Other Related Parties

Employee security awareness training is yet another great strategy for
reducing the chances of a data breach. For starters, workers should be made
aware of corporate security policies and basic security principles,
including directives (e.g., restrictions when copying files to USB drives
or sending email attachments) and the consequences of violating rules. This
should reduce the likelihood of insiders taking part, either willingly or
by accident, in a breach.

Security awareness training can also greatly reduce the success rate of
attacks commonly associated with data breaches like phishing. Even when a
cybercriminal successfully carries out an attack, it is far more likely
that a security-aware employee will report the attack to the incident
response team.

4. Create a Data Classification Policy & Use a Good Data Loss Prevention (DLP) Solution

Data classification basically means categorizing information based on
specific criteria (e.g., public, internal use or confidential) in order to
ensure it can be protected in accordance with its value to the company. This
process helps organizations determine what information is considered
sensitive, who should have access to it, and how it should be handled,
copied or discarded.

Once sensitive information has been identified, it is also possible to use
a DLP solution to help detect and prevent data breaches. For example, a DLP
solution can detect when confidential information is copied to a USB drive
or sent by email. In both cases, a good DLP solution could either send a
notification to an incident response team for investigation, prevent files
from being copied or simply ask for further approval before the
information is copied or the email is sent. In terms of reducing the cost
of data breaches, DLP solutions can be very effective, as long as the
information is properly classified/identified.
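The classification-then-enforcement loop described in this section, as an added illustration that is not part of the original article and not any vendor's DLP product: each outbound event (a file copied to USB, an email leaving the company) is first classified, either from an explicit label the author put on the document or, when no label exists, from content inspection (here, a Luhn-checked payment card number pattern), and then a policy matrix maps the (label, channel) pair to one of the responses named above: allow, notify the incident response team, require approval, or block. The "Classification:" header line, the channel names, the policy matrix and all sample events are constructed for this example.

```python
import re
from enum import Enum


class Label(Enum):
    """Classification levels from the policy: public, internal use, confidential."""
    PUBLIC = 1
    INTERNAL = 2
    CONFIDENTIAL = 3


class Action(Enum):
    """The DLP responses described in the text, plus a plain allow."""
    ALLOW = "allow"
    NOTIFY = "notify_ir_team"
    APPROVE = "require_approval"
    BLOCK = "block"


# Explicit label written into the document by its author or authoring tool.
# The "Classification:" header line is a constructed convention for this example.
MARKER_RE = re.compile(r"^Classification:\s*(Public|Internal|Confidential)\s*$",
                       re.IGNORECASE | re.MULTILINE)
# Fallback content inspection: 13-19 digits, optionally space/dash separated,
# i.e. candidate payment card numbers (PANs).
PAN_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn check digit validation; weeds out random digit runs (order ids, phone numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def classify(text: str):
    """Return (Label, reason). An explicit marker wins; otherwise inspect content."""
    m = MARKER_RE.search(text)
    if m:
        return Label[m.group(1).upper()], "marker"
    for hit in PAN_RE.findall(text):
        if luhn_ok(re.sub(r"[ -]", "", hit)):
            return Label.CONFIDENTIAL, "content:pan"
    # Unlabelled data with no sensitive patterns is treated as internal, not public:
    # a missing label should never lower protection.
    return Label.INTERNAL, "default"


# Policy matrix: what the DLP does for each (label, egress channel) pair (constructed).
POLICY = {
    Label.PUBLIC:       {"usb": Action.ALLOW,  "email_external": Action.ALLOW},
    Label.INTERNAL:     {"usb": Action.NOTIFY, "email_external": Action.APPROVE},
    Label.CONFIDENTIAL: {"usb": Action.BLOCK,  "email_external": Action.BLOCK},
}


def decide(label: Label, channel: str) -> Action:
    """Look up the response; channels not covered by the policy fail closed."""
    return POLICY[label].get(channel, Action.BLOCK)


def evaluate(event: dict) -> dict:
    """Classify one egress event and attach the DLP decision and its reason."""
    label, reason = classify(event["content"])
    return {"id": event["id"], "channel": event["channel"], "label": label.name,
            "reason": reason, "action": decide(label, event["channel"]).value}


# Constructed egress events, not real data. 4111 1111 1111 1111 is the
# well-known Luhn-valid test card number; ...1112 fails the Luhn check.
SAMPLE_EVENTS = [
    {"id": 1, "channel": "usb",
     "content": "Classification: Confidential\nQ3 board pack draft"},
    {"id": 2, "channel": "email_external",
     "content": "Hi, the card on file is 4111 1111 1111 1111, exp 09/26"},
    {"id": 3, "channel": "email_external",
     "content": "Your order 4111 1111 1111 1112 has shipped"},
    {"id": 4, "channel": "usb", "content": "Classification: Public\nPress release"},
    {"id": 5, "channel": "usb", "content": "Lunch menu for next week"},
]


def run(events=SAMPLE_EVENTS) -> list:
    """Evaluate every event and return the decisions in order."""
    return [evaluate(e) for e in events]


if __name__ == "__main__":
    for decision in run():
        print(decision)
```

Event 2 is the case the last sentence of the section is about: the email carries no classification label at all, so only content inspection turns it into a block; with classification done solely by labels it would have sailed through with an approval prompt, exactly like the harmless order number in event 3.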