Lower the Price Tag of a Data Breach with Threat Intelligence

Word writing text Threat Intelligence. Business concept for analyzed and refined information about potential attacks.

Detecting and containing a data breach takes the better part of a year, approximately 280 days, for the average organization, according to IBM’s 15th annual Cost of a Data Breach Report, Unfortunately, the longer it takes to identify a breach, the bigger the price tag of the overall breach lifecycle. 

This year’s report found that more than half (52%) of breaches are the work of malicious actors. Of those, 13% of breaches are reportedly caused by nation state attackers.The findings also revealed that more attackers are using compromised credentials and leveraging cloud misconfigurations to gain access to the organization’s networks.

Interestingly, “the average total cost of a data breach declined slightly in this year’s report, from $3.92 million last year to $3.86 million this year,” but the report cautioned that this slight reduction is not indicative of a plateau. Rather, “our study appears to show a growing divide in data breach costs between organizations with more advanced security processes, like automation and formal incident response teams, and those with less advanced security postures in these areas.”

The report noted, “Four process-related activities drive a range of expenditures associated with an organization’s data breach: detection and escalation, notification, post data breach response and lost business.” Mitigating those costs demands a defense in depth approach, but it doesn’t mean that organizations should spend freely. There is no silver bullet that will make any organization impenetrable, but there are smart ways to invest that will reduce the overall cost of a data breach. 

The Importance of Timely Detection

Time to detection matters and significantly impacts the overall cost, and “Businesses that had not deployed security automation saw an average total cost of $6.03 million, more than double the average cost of a data breach of $2.45 million for businesses that had fully deployed security automation.” Additionally, threat intelligence sharing tools can lower the average cost of a data breach by $202,874.

Companies need to have visibility into their most critical threats, but security information and event management (SIEM) and user behavior analytics (UBA) don’t go far enough. These tools detect many intrusions, but they don’t always detect when a legitimate user has been the victim of a phishing attack that resulted in a malicious actor gaining authorized access to the environment. 

Layering these tools with a platform that provides real time threat intelligence of “confirmed compromises” is an important strategy for reducing the time to detection and speeding up the incident response process. Prevailion’s own intelligence platform shows many active corporate breaches that have remained undetected for many months, in spite of the organization’s size and likely budget allocation for cybersecurity. While budget size certainly matters, it is important for organizations to spend that money wisely, and improving their time to detection is critical for reducing the overall cost of future breaches.

The Latest

Post thumbnail image

Information Technology Manager

The Information Technology Manager works to support Prevailion’s IT assets, employees and mission critical systems. In this role, you will wear many hats and work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the company’s success and growth of Prevailion.

Post thumbnail image

Threat Intelligence Researcher

The Threat Intelligence Researcher works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion.

Post thumbnail image

Senior Threat Intelligence Researcher

The Senior Threat Intelligence Researcher works in Prevailion’s Intelligence team. In this role, you will work collaboratively with internal teams to deploy, manage, and maintain systems and infrastructure key to the Intelligence team’s success and growth and that of Prevailion.

Copyright 2021 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.