Data breaches are getting more expensive – IBM Security

Complex cloud environments are becoming a significant and costly chink in enterprise security.
30 July 2020

Data breaches in the US rose 14% in the first quarter of this year. Source: Unsplash

  • Compromised credentials and cloud misconfigurations are the root causes of data breaches
  • The average cost of data breaches has increased 
  • About 70% of companies expect the abrupt shift to remote working will exacerbate data breach costs 

The average data breach costs businesses US$3.86 million. That’s according to a report by IBM Security, based on the experience of more than 500 organizations worldwide, which identified hacked employee accounts as the most expensive root cause.

For data breaches exposing more than 50 million records, the cost of dealing with the problem – spanning the resources assigned to fix it, legal costs and regulatory fines, and the reputational fallout – rose to US$392 million in 2020, up US$4 million from last year. The majority (80%) of these incidents led to the exposure of customers’ personally identifiable information (PII) – the costliest piece of data for businesses, and the most valuable target for criminals.

Cloud misconfigurations

The IBM business suggested that increasingly complex cloud environments are becoming a significant chink in enterprise security. Cloud misconfiguration has become one of the most common ways by which digital criminals gain a foothold in infrastructure-as-a-service (IaaS) environments, and can result in some of the most expensive and damaging data breaches.

Among many other instances, this was the cause behind the breach of Capital One, when a misconfigured web application firewall gave access to a server containing 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers, and the personal information of an undisclosed number of customers.

In this case, the breach was estimated to have cost between US$100 – 150 million, while the Ponemon Institute reported that close to 33.4 billion records were exposed due to cloud misconfigurations within the last two years.

Greg Young, vice president of cybersecurity for Trend Micro, said: “cloud-based operations have become the rule rather than the exception, and cybercriminals have adapted to capitalize on misconfigured or mismanaged cloud environments.”

Remote working risks

Significantly in the current climate, IBM Security also explored how remote working can bring additional enterprise security risks. About 70% of organizations adopting teleworking expect it will exacerbate data breach costs. Despite growing cybersecurity awareness, a separate IBM study also found that more than half of the employees new to remote working have not been provided with new guidelines on managing customer PII amid the abrupt shift to working from home.

The report suggested there was a growing gap between companies adopting advanced security technologies and those lagging behind. This resulted in a cost-saving difference of up to US$3.58 million for organizations equipped with automated security technologies compared with those that have yet to adopt them.

“When it comes to businesses’ ability to mitigate the impact of a data breach, we’re beginning to see a clear advantage held by companies that have invested in automated technologies,” said Wendi Whitmore, vice president, IBM X-Force Threat Intelligence. One of the perks touted was a shorter response time to breaches, which is set to minimize damage and hasten the recovery stage.

Separate research from Databarracks released this week concluded that for the first time, there has been a decrease in cyberattacks involving data loss, from 17% last year to just 13% in 2020. Firms that invested in cybersecurity technology also showed a high prevalence of cybersecurity skills and believe they are prepared to face the current threat landscape – although the relationship could be more to do with companies’ all-round cybersecurity awareness than the technology they’re using.

Peter Groucutt, managing director of Databarracks, commented that “it looks like we are finally starting to turn the tide” against cyber-attacks.

Groucutt continued: “These improvements are the result of sustained investment and effort over several years. However, it needs to be emphasized that defending against these threats is an ongoing battle. We might have closed the gap in the arms-race with cybercriminals but if we don’t keep up our pace, we’ll soon fall behind.”