Key Takeaways from IBM's Cost of Data Breach Report 2020
Recently we discussed the Human OS and how you can better protect your organization from data breaches in our "Patching the Human OS" webinar. You can watch the entire 30 minutes presentation here.
At the beginning of our presentation we discussed some takeaways from the IBM "Cost of Data Breach Report". Every quarter IBM releases this report that is full of great insights that tell help us look at what bad actors have been up to lately and what kind of trends we are seeing in breaches. With these insights we can better prepare for how to protect organizations from being breached from bad actors. Below we are highlighting a few of the most important takeaways from the most recent "Cost of a Data Breach Report". IBM offers their report as a free download, you can download the entire report for yourself here.
Here are some key takeaways from the report:
Largest cost category of a breach is the loss of business - avg. $1.52 Million
There are many reasons that a data breach can lead to loss of business. One way is that a data breach can cause your organization to have to temporarily suspend day-to-day business or slow down your typical processes while you are dealing with and fixing your security issues. Another reason for a loss of business after a breach is a loss of trust from your clients or customers. A data breach can be a bad look for those that are trusting your with their business and in turn often times trust you with their sensitive personal information.
Average time to detect and contain a data breach - 280 days
When bad actors get into your network they aren't often making any big drastic moves right off of the bat. Many times bad actors will sit on your network for days, months, even years, to slowly take data, watch your day to day activities, and get the information they need to make the biggest impact they can. This is why detection is an important part of your cybersecurity planning. If bad actors happen to make it through your firewall and security perimeters, you need to have something monitoring your network to be sure no one is in there gaining access and information that they shouldn't be.
Of all breaches in the report, almost a quarter were caused by human error, 14% were caused by phishing specifically
While you can have all of the security measures in place that you can think of to protect your network and data, unfortunately the number one way that bad actors get access is through your human operating system. Bad actors know that humans are humans after all and are susceptible to human error, this is why they prey upon weak leaks in your organization and use your teammates to trick them into giving them information that allows them to access your network and data.
Of factors that lower the cost of a breach, employee training is number 5, saving an average of $238,019 on the cost of a data breach.
With cybersecurity threats continuing to grow and become more costly to organizations of all sizes, it is now more important than ever to continue to educate your Human OS to look out for phishing and breach attempts. Regular training is a vital step to protecting your data.
If you are interested in discussing how you can protect your organization by educating your users, we are happy to discuss our Get Covered Aware offerings for your. Our unique phishing testing and training programs will help you assess your Human OS weaknesses and continuously train your users to help them from falling victim to any phishing schemes in the future. For more information contact us or call us at 574.534.2830.