More organizations are operating under the assumption that their networks are already compromised. This is wise, as cybercrime continues to increase in frequency, variety, and cost. While they work to fortify their defenses, organizations still have little guidance about what to do immediately after a breach. Most organizations understand the need to mitigate damage and data loss. But they should also provide timely information to law enforcement – a step that often leads to better long-term, sustainable solutions, because the threats behind a breach are unlikely to go away after a single incident.
According to Kaspersky Labs, 90 percent of businesses have experienced a cyberattack. Eighty percent of healthcare executives surveyed by KPMG said their organizations had been compromised by a cyberattack in the past two years. Only half said they were adequately prepared.
In 2016, the Ponemon Institute pegged the global average cost of a data breach at $4 million, or $158 per record. This does not include additional regulatory, legal, and reputational costs. Preparedness can materially reduce this cost. For example, organizations with a CISO paid on average $8 less per compromised record. Board-level involvement reduced incident response cost by $6 per record, and participating in threat sharing by $9 per record. The most effective step in reducing the cost, though, is having a dedicated incident response team – a reduction of $13 per record.
The risk of cyberattack cannot be eliminated, but it can be managed. Here are steps that companies can take now:
Once an organization discovers an incident, it is critical to assess its nature, scope, and status.