by Evan Hildebrandt

The high cost of late mitigation for everyone

Taxpayers and consumers are paying for the late detection of hacker infiltration, fiscally and in terms of information they thought secured. The average cost of breach containment was $3.86 million in 2020, but that’s not the end.

One of the larger breaches from 2020. Data used from Identity Force’s compilation of 2020’s largest data breaches. This caused over 50 million records to be exposed.

 

 

Headline from The Drum about Facebook’s recent outage (10/04/2021) and doesn’t factor in the fall of stocks.

 

 

Causes of data breach root causes in the USA, the UK, and Germany. Data obtained from the 2020 IBM data breach report.

 

Quick Facts
  • Average time to detect and contain a malicious intrusion is 315 days.
  • Only 5% of folders are secured correctly.
  • $3.58 million dollars: the amount a company saves with a fully automated system vs no security automation.
  • Data breaches exposed over 4 billion record in the first six months of 2019.
  • Reports indicated that an attempt to infiltrate a system is made once every 39 seconds.

 

“These small additional steps, they may slow down some of the processes incrementally, add a little bit of cost, a few percent here and there, but they’ll make us tremendously more secure.” –from Erik Brynjolfsson, director of the MIT Initiative on Digital Economy on Cybersecurity not being taken seriously enough

 

“Risk rate every area of your business and align security measures to your most vulnerable (areas).” –Mike Harris, partner in cybersecurity services at Grant Thornton, on cybersecurity risk

 

I had noticed a lack of people talking about the overall cost of a cybersecurity breach, and what the scope of the financial impact is.  I thought this would be an interesting topic to explore. How much money are you “saving” by not properly training and securing your system?

Proper investment in cybersecurity ultimately will save companies, the government, and consumers money in the long run. This is especially true when considering mega breaches, which are breaches of over 50 million documents, averaging a cost of $392 million. The cost of a data breach has increased 5.3% from 2020 in the USA.

This cost has been steadily rising, and an investment in cybersecurity now can save everyone in the future, especially among large organizations that are apt to be targeted, including corporations and governments. This cost will ultimately be passed on to tax-payers, or to the consumers of products/services that corporations offer.

In my opinion we need to consider what we prioritize in terms of security, and truly consider all the impacts that not properly training our staff and securing our systems has.

 

References

IIBM Data Breach Report 2020; Communications Today; For.ie published article by Mike Harris; Legaljobs.io list of worrying cybersecurity statistics; A. James Clark study; https://www.thedrum.com/news/2021/10/05/facebook-s-six-hour-outage-costs-estimated-79m-ad-revenue-loss; https://www.identityforce.com/blog/2020-data-breaches; Info Security Magazine’s article on the T-mobile data breach