It's summer in Spain, and I finally understand why it's so difficult to speed up projects in Europe. Everyone is at the beach or getting away from the imperious weather that, in 2022, once again sets records for high temperatures in several cities on the continent.
This gives me time to analyze and deepen many reports and information shared in the cybersecurity ecosystem worldwide.
On August 3, IBM presented the "Cost of a Data Breach Report 2022", a study that analyzes the effectiveness of cybersecurity operation programs worldwide and helps us focus efforts on what can really help companies reduce the impact of the loss or theft of sensitive data.
The IBM report defines a methodology to understand the costs of data loss, considering 4 elements within the assessment:
This methodology manages to effectively quantify what a data loss incident can cost operationally, without including other qualitative elements that impact the reputation and sustainability of the business that we cannot ignore.
The global study helps us understand which sectors are becoming interesting targets for cybercriminals and which, through the evolution of their cybersecurity posture, are no longer the main ones. Below we present the evolution of the sectors over the last 3 years, based on the average cost of a data breach.
The most affected sector with an average cost of USD 10.1 MM per Data Breach is HEALTH.
Sectors with industrial control systems (ICS) continue to trust blindly. 25% of those who responded to the survey affirm that they have suffered ransomware attacks or destructive attacks. 80% do not have a secure network architecture that supports interconnection with the IoT cloud and remote access. This type of organization increased data breach costs by USD 1.17 MM.
The attack vectors remain the same. The highest risk is found in the theft of credentials through techniques such as phishing or the exposure of credentials through other methods.
Compromised credentials have a cost of USD 4.5 MM and a Dwell Time of 327 days, increasing the cost by 3% compared to 2021 but reducing detection and containment capacity by 14 days.
The third-party software vulnerability vector increased its cost by 5% compared to 2021, rising to USD 4.55 MM and improving detection and containment capacity by 2 days.
Cloud misconfiguration is the third vector that increases the cost the most compared to 2021, with 7%, reaching USD 4.14 MM, with a Dwell Time of 244 days.
The following are some of the factors that most increase the risk of a data breach in organizations:
When we talk about third parties involved in the attack, we are referring to vectors such as third-party software vulnerability, lateral movement of the attacker through third-party access, among others.
Migration to the cloud becomes a critical factor due to the lack of knowledge of shared responsibility models and of controls oriented to cloud-native technologies, which differ greatly from cybersecurity strategies for legacy and on-premises environments.
Lately there has been a lot of talk about simplifying security. Gartner defines the unification of providers as a trend, but we must think about how the entire architecture integrates and improves with continuous learning.
It is the first time that a comprehensive list of controls, and of how they reduce the cost of breaches, is presented.
Platforms with Artificial Intelligence help reduce the impact of a data breach by USD 300,075.
If we review the technological controls that best manage the risk of a data breach, we can focus on:
Controls were integrated into processes and procedures such as:
Although SOAR is not presented as a key technological control, much emphasis is placed on automating as much as possible in our cybersecurity processes and operations.
Training and skills development becomes a critical control.
For 10 years we have assumed the responsibility of supporting our clients in the unified cybersecurity operation, where the response to incidents becomes critical. Our Prevention, Detection and Response approach integrates a series of controls that we assume and operate continuously, constantly evolving. With this analysis carried out by IBM, we understand that several of our controls contribute significantly to mitigating the risk of a data breach. Below we show our capabilities, the associated controls, and the amount by which each manages to reduce said risk.
A3Sec Group, after more than 20 years dedicated to transforming the cybersecurity function into a data-supported function, developing a SIEM and implementing its security operations centers in hundreds of organizations, has developed capabilities that bring managed services to a service of Unified Cybersecurity Operation through its CSVD®. Do you want to know more? Let us shield you!