You may think that data breaches are an unlikely risk for you and your business. But the reality is such threats increasingly impacts companies of all sizes. In fact, the global average cost of a data breach in 2021 equated to US$4.24 million (AUD 5.82 million), up by 10% when compared to the previous year, according to the Ponemon Institute.
This cost does not calculate ransom payments; it does however, assess other factors, including detection and escalation, notification, lost business and post response activities.
With data breaches becoming an everyday risk, we’ve also seen the growth of related cybercrimes, crippling companies even further. This was the case of Colonial Pipeline, where the attackers threatened to leak stolen data if a ransom was not paid.
So, how can Australian businesses minimise the financial impact and prevent a data breach?
Understand how data breaches occur
Alarmingly, it takes organisations 287 days on average to identify and contain a breach, a further seven days compared to 2020 (280 days). During this time, the attacker moves undetected through various parts of an organisation to gain access to user accounts for fraudulent activities. Essentially, the longer a threat is in your environment, the more damage it can cause to your business financially.
We often learn about company data breaches involving large amounts of sensitive information being leaked, but the reality is data breaches can occur in many ways. However, in a hybrid work environment where employees have access to the organisations’ network, systems and data, internal threats are just as dangerous. A simple employee error and even lost or stolen devices can expose data via email or cloud infrastructure and make it easier for cybercriminals to perform cyberattacks.
Adopt a prevention mindset
Many organisations will have security teams and controls in place to address potential threats. However, with threat actors infiltrating organisations for weeks and even months undetected, businesses need to understand how effective their cybersecurity capabilities are at protecting against new and evolving threats.
We’ve seen how critically exposed systems provide an open door for cybercriminals to exploit organisations, and the financial investment involved with remediating incidents outweighs the prevention. By implementing effective security controls to prevent threats in the first place, businesses can minimise to potential probability and cost of a data breach.
Mitigate the risks
As organisations continue with their remote workforces, automation plays an instrumental role in prevention in the evolving landscape. Mitigating risks to identify and block threats before they reach the vulnerable systems can alleviate the business and financial impact of a cyberattack. We recommend organisations apply the below strategies to prevent risks:
- Prioritise Top Attack Vectors: Re-evaluate the security effectiveness of all the tools and processes for top attack vectors. Make sure you understand where you are vulnerable and deal with it. Focus on preventing the attacks from minimising damage and cost.
- Incident Response Plans & Tabletop Exercise: Continually fine-tune your Incident Response playbooks and carry out tabletop exercises under new normal conditions.
- Cloud Security Posture Management: CSPM must be a non-negotiable if you have a cloud strategy.
- Consolidate Security: Simplify your cyber security controls. Stop throwing point products because it will cost you much more in the long run.
- Cyber security capability: If you do not have a mature cyber security practice, outsource some of your security requirements to a third party Managed Detection & Response (MDR) provider. This approach will help organisations quickly mature their cyber security capability.
- Endpoint & Email Security: Make sure you have a way to block or neutralise threats delivered to employees via both their corporate and their personal emails.
Work with a local expert
Our post-incident analysis demonstrates that most threats leading to a data breach could have been prevented. The attacks compromising organisations aren’t sophisticated; instead, cybercriminals take advantage of security oversights which is why a prevention mindset is crucial for business’ continuity.
At Check Point Software, our dedicated experts from our Incident Response team work with organisations to strengthen their cybersecurity controls through multi-threat analysis and real-time remediation, to support businesses in better understanding a cyberattack and prevention.
Ashwin Ram is cyber security evangelist at Check Point Software Technologies.