Minimizing Cost of Data Breach

January 10, 2024 by Mark Nash

No one wants to suffer a data breach, but unfortunately, in today's environment, it's difficult to avoid them altogether. Studies have found that approximately 83% of organizations have experienced more than one data breach (IBM Security 2022 Cost of a Data Breach Report). These breaches incur many costs, such as remediating the breach, lost productivity, lost business, lost customer trust, and potentially even fines and legal fees. According to IBM Security's report, the average cost of a data breach in 2022 rose 2.6% to $4.35 million globally, $9.44 million in the U.S., and $5.64 million in Canada. These damages aren't limited to major corporations either: while the cost of data breaches for smaller companies tends to be lower, the breaches are often much more devastating. An estimated 60% of small companies go out of business within six months of a cybersecurity breach. Thankfully, there are some proven tactics organizations can use to mitigate the costs and limit the damage of a data breach. All these findings come from the IBM Security report and include hard facts on the benefits of bolstering your cybersecurity strategy.

Use a Hybrid Cloud Approach

Researchers have found that around 45% of all data breaches happen in the cloud. Of course, not all cloud strategies and their respective data breaches are equal. Breaches of public clouds cost significantly more than those in a hybrid cloud. A hybrid cloud strategy means that some data and processes are in a public cloud, and some are in a private cloud environment. What some may find surprising is that, in the event of a cyberattack, a hybrid cloud approach also resulted in less damage and lower costs than a private cloud.

Put in Place an Incident Response Plan & Practice It

Every organization with digital assets should create an incident response (IR) plan. An IR plan is a set of instructions for employees to follow during a cybersecurity incident to minimize damage and resolve the issue as quickly as possible. For example, in the case of ransomware, the first step should be disconnecting the infected device from the rest of the network. IR plans improve the speed and effectiveness of a response in the face of a security crisis. Having a practiced incident response plan reduces the cost of a data breach by an average of $2.66 million per incident.

Adopt a Zero Trust Security Approach

Zero trust is a cybersecurity framework that experts recommend businesses implement to fortify their networks. Some of the highly effective security measures employed by zero trust include:

  • Multi-factor authentication
  • Least privilege
  • Contextual user authentication

Adopting zero trust can significantly reduce data breach costs. Organizations that don't deploy zero-trust tactics pay about $1 million more per data breach.

Use Tools with Security AI & Automation

Using the right security tools can make a big difference in reducing the cost incurred during a data breach. Tools that deploy security AI and automation brought the most significant cost savings, lowering data breach expenses by 65.2%. These types of solutions include tools like advanced threat protection (ATP) and applications that hunt for threats and automate the response.

How to Get Started Improving Your Cyber Resilience

Many of these ways to lower data breach costs are already considered cybersecurity best practices. You can get started by taking them one at a time and rolling out upgrades to your cybersecurity strategy. Working with a trusted IT provider, develop a roadmap of all the cybersecurity improvements you want to implement. Address the "low-hanging fruit," like enabling MFA, first, then move on to longer-term projects like a comprehensive IR plan.