Lower the Price Tag of a Data Breach with Threat Intelligence

Word writing text Threat Intelligence. Business concept for analyzed and refined information about potential attacks.

Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it takes to identify a breach, the bigger the price tag of the overall breach lifecycle. 

This year’s report found that more than half (52%) of breaches are the work of malicious actors. Of those, 13% of breaches are reportedly caused by nation state attackers.The findings also revealed that more attackers are using compromised credentials and leveraging cloud misconfigurations to gain access to the organization’s networks.

Interestingly, “the average total cost of a data breach declined slightly in this year’s report, from $3.92 million last year to $3.86 million this year,” but the report cautioned that this slight reduction is not indicative of a plateau. Rather, “our study appears to show a growing divide in data breach costs between organizations with more advanced security processes, like automation and formal incident response teams, and those with less advanced security postures in these areas.”

The report noted, “Four process-related activities drive a range of expenditures associated with an organization’s data breach: detection and escalation, notification, post data breach response and lost business.” Mitigating those costs demands a defense in depth approach, but it doesn’t mean that organizations should spend freely. There is no silver bullet that will make any organization impenetrable, but there are smart ways to invest that will reduce the overall cost of a data breach. 

The Importance of Timely Detection

Time to detection matters and significantly impacts the overall cost, and “Businesses that had not deployed security automation saw an average total cost of $6.03 million, more than double the average cost of a data breach of $2.45 million for businesses that had fully deployed security automation.” Additionally, threat intelligence sharing tools can lower the average cost of a data breach by $202,874.

Companies need to have visibility into their most critical threats, but security information and event management (SIEM) and user behavior analytics (UBA) don’t go far enough. These tools detect many intrusions, but they don’t always detect when a legitimate user has been the victim of a phishing attack that resulted in a malicious actor gaining authorized access to the environment. 

Layering these tools with a platform that provides real time threat intelligence of “confirmed compromises” is an important strategy for reducing the time to detection and speeding up the incident response process. Prevailion’s own intelligence platform shows many active corporate breaches that have remained undetected for many months, in spite of the organization’s size and likely budget allocation for cybersecurity. While budget size certainly matters, it is important for organizations to spend that money wisely, and improving their time to detection is critical for reducing the overall cost of future breaches.

The Latest

Prevailion CEO, Karim Hijazi, discusses China hacking Microsoft Exchange

Hijazi discusses Microsoft hack parallels with SolarWinds and how China and Russia likely execute their cyber campaigns.

Prevailion CEO, Karim Hijazi, discusses China’s attack on Microsoft

See Prevailion CEO, Karim Hijazi, comment on how nation states use proxy groups to compromise organizations through weaker supply chain points.

Prevailion CEO, Karim Hijazi, discusses second Solar Wind hack

See Prevailion CEO, Karim Hijazi, weigh in on a second solar winds hack and how elite hacker groups have likely already compromised many top companies around

Copyright 2021 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.