One of the most pressing cybersecurity concerns for organisations today is preventing the exfiltration of sensitive data. Even companies whose main focus is not digital or technological in nature have to manage, store, send, and receive considerable amounts of data in the course of regular business operations. While cybersecurity is not always a top priority for all enterprises, it must be seriously considered and treated with the gravitas it deserves. It is crucial for businesses to know and understand the costs and dangers associated with data breaches, how they occur, how to prevent them, and how to respond in the event of a successful breach.
There are a variety of different ways that a data breach incident can occur based on what Verizon’s Data Breach Investigation Report (DBIR) calls the four A’s: actor, action, asset, and attribute. The actor refers to the person or people causing the breach either intentionally or unintentionally, the action refers to the specific activity that enables the breach, the asset refers to “the entities that can be affected in an incident,” and the attribute refers to what data is compromised. Attributes are broken down into three categories for ease of understanding and better analysis: confidentiality, integrity, and availability.
According to the 2023 DBIR, 83% of breaches originated from external sources, while 19% could be traced to internal actors. The number one action involved in data breach incidents is the use of stolen credentials, accounting for more than 40% of incidents. This is followed by the category of “other” and ransomware, each present in over 20% of incidents. The top asset by far is servers (over 80%), followed by people and user devices (around 20%). When it comes to what kind of data is breached, the top confidentiality attribute is personal information, followed by credentials, internal data, and systems data.
A data breach incident can be significantly damaging to an enterprise, both in the obvious sense of financial losses and sensitive information leaking and in less direct ways. In IBM’s 2022 Cost of a Data Breach Report, the average cost of a data breach is reported as USD 4.35 million, marking an all-time high. Combining this figure with the fact that 83% of organizations have experienced more than one breach, and 60% increased the cost of their products or services due to the data breach, we can clearly see that the impact on a business can be staggering. The size of a business is a major element in calculating the potential losses of data breaches, as well as the type of breach.
While the financial cost of detection and escalation, notification, post-breach response, and lost business is formidable, there are other factors to contend with as well. Many high-profile companies have been the targets of attacks that led to data breaches, often more than once, which can take a notable toll on their reputation. The organizations that oversee data privacy regulations can choose to fine a company, which factors into the cost of remediation, but repeated or consistent inability to prevent data breaches may invite more severe methods of enforcement from regulatory boards. This can include legal action against the company.
Remediating a data breach incident is likely to be costly and both time- and labour-intensive; preventing a breach saves a lot of trouble in the long run. While there is no sure-fire way to guard against all data breaches and leaks all of the time, there are relatively simple guidelines that can go a long way toward protecting an enterprise. Restricting user access using the principle of least privilege means that compromised or malicious insiders have less enterprise data at their disposal and protects the most sensitive information. Ensuring employees receive effective cybersecurity training also covers many human error situations that can lead to data breaches.
It is important for security professionals and teams to utilise a combination of different practices, policies, and tools to build a robust and layered security strategy. Every organisation is different, and no solution will be universally helpful. Evaluating your company’s needs and resources, and regularly revisiting them to update your approach, is vital to be certain that whatever security plan is in place, it is always the right one for your particular needs at that particular time.
Data breaches are upsettingly common and can have a variety of causes, from a small error on the part of an internal actor to a calculated attack by a cybercriminal. Dealing with a data breach places a significant strain on an enterprise due to remediation costs, downtime, labour, and occasionally more severe consequences. While a data breach can be incredibly costly, it doesn’t need to debilitate your business; with the right combination of security tools and practices, it is possible to prevent many data breaches, as well as more easily remediate incidents when they do occur.