aidarrow-end-inversearrow-endarrow-left-angulararrow-left-angularWhy choose AvectoAchieve complianceOperational efficiencycompliancedefendpoint-coloureddefendpoint-thin-2DesktopScaleResources.iconsAsset 21insider-threatsavecto-logo-smallquotation-marksransomwareArticleUse caseWebinarResources.iconssafePrevent attacksAsset 19social-engineeringTrustedtriangleStop insider attacksAsset 20Resources.iconsResources.iconszero-days

Blog

What is the true cost of a security breach?

Jonathan Clarke

Data security is arguably one of the most important issues that businesses today must face, with the wide array of threats that are currently out there meaning no organization can ever be 100 percent safe.

Understanding the need to tighten security and to implement safeguards both in terms of technology and employee practices is therefore a must for all businesses. That said, doing so can be a complex undertaking, but failure to take the risks associated with weak data security seriously can prove extremely costly for firms.

 

Costs can extend beyond the financial

According to the Ponemon Institute's 2017 Cost of Data Breach Study, the average total cost of a data breach to companies last year stood at $3.62 million per incident, with $141 the average cost per lost or stolen record.

Overall, the research showed that in almost half (47 percent) of all reported cases of data breach last year, this came as a result of a malicious or criminal attack. In the remainder of cases, the report stated these were highlighted as a result of glitches in technology or human error.

Meanwhile, companies most at risk of data breach were shown to include those in the healthcare and financial services sectors, with associated average costs for these businesses shown to be the highest of all report participants - $380 and $245 on average per lost or stolen record.

The financial impact of failure to monitor and protect your data effectively can therefore be significant. That said, organizations that suffer a breach in security and a subsequent loss of data stand to lose more than just money from their lack of preparedness. What can be more devastating to a business than a hit to their bank balance is the associated hit to their reputation, which can have a longstanding debilitating impact.

 

Protection of data has never been more paramount in a world of advanced cybersecurity threat.

 

Why should companies act now?

Today, the number of threats to business data security is growing all of the time. Indeed, the 2018 Internet Security Threat Report from Symantec shows the tools of cyber attackers are increasing and becoming ever more sophisticated with each passing day.

According to the report, organizations are being increasingly faced by targeted attacks on their networks and connected devices, with IoT attacks rising by more than 600 percent in the year so far.

Businesses can add to that the fact the number of malware implants have grown by more than 200 percent year-on-year and an explosion in cases of cryptojacking (up by 8,500 percent).

It's therefore easy to see the importance of implementing strong and effective safeguards to protect your sensitive data and IT systems from harm and exploitation.

 

How do we better prevent breaches?

Organizations must realize there are a number of practical steps that can be taken to help safeguard their sensitive and private information. It is a matter of appreciating the common threats that businesses are likely to face and taking action to reduce their exposure to risk.

One of the most straightforward and cost-effective steps to achieving this goal can be the removal of admin rights for all staff within your organization. By doing so, this ensures that the area of influence of any account that does become compromised by a malicious outside agent is greatly reduced.

The removal of admin rights should be viewed as a simple yet effective first step to enhanced data security for any organization, with our Defendpoint platform able to prevent breaches without hindering productivity.

Avecto Defendpoint's best-in-class privilege management and application control makes admin rights removal simple and scalable across desktops and servers to ensure compliance, security and efficiency.