Saturday December 7, 2019
Home Lead Story Hiring Securi...

Hiring Security Pros can Cut Cyberattack Impact Cost, Says Study

The survey highlighted that more than one-third of organizations (34 per cent) with a DPO that suffered a data breach did not incur any financial loss, compared to only one-fifth (20 per cent) of businesses overall

0
//
cyberattack
Image source: wordpress.com

Enterprises which deployed an internal Security Operation Center (SOC) have been able to reduce financial damage from a cyberattack at $675,000 — less than half the average impact cost for all enterprise-level organizations at $1.41 million, a new survey from Kaspersky and market research firm B2B International has revealed.

The survey showed that outsourcing security may actually increase the financial impact, particularly if the company uses an under-qualified subcontractor.

Among other changes that a business can employ to reduce loses from a data breach is to employ a Data Protection Officer (DPO), as 34 per cent of companies of all sizes with this dedicated role reported that a cyber incident did not result in monetary loses, the findings showed.

Every year, data breaches are becoming more expensive for enterprises. In 2019, this cost has risen to $1.41 million — up from $1.23 million the previous year, said the Kaspersky report.

In response to this, large organizations are investing more in cybersecurity. This year, enterprise IT security budgets averaged $18.9 million compared to $8.9 million in 2018.

Establishing an internal SOC involves purchasing the necessary tools, building processes and recruiting analysts, which can be a challenge for any business.

“Likewise, finding a DPO, who can combine IT security and legal knowledge, is not an easy task. These require time and budgets, and security leaders often find it difficult to justify such initiatives,a said Veniamin Levtsov, Vice President, Corporate Business at Kaspersky.

Cyberattacks
An employee works near screens in the virus lab at the headquarters of Russian cybersecurity company Kaspersky Labs in Moscow, July 29, 2013. VOA

Just having a dedicated employee or even special subdivision does not guarantee that a company will not suffer a data breach.

“However, it does ensure that the business is prepared for these incidents, allowing them to recover from an attack more quickly and efficiently,” Levtsov added.

Outsourced SOCs however don’t reduce the cost of data breaches for enterprises.

The survey showed that outsourcing security to a Managed Security Service Provider (MSP) may actually increase the financial impact, particularly if the company uses an under-qualified subcontractor.

Also Read: Apple Might Ship a 96W USB-C Charger with 16-inch MacBook Pro

“Nearly 23 per cent of companies that use an MSP experienced a financial impact of between $100k-249k, while only 19 per cent businesses with an in-house IT team reported this level of damage,” said the report.

The survey highlighted that more than one-third of organizations (34 per cent) with a DPO that suffered a data breach did not incur any financial loss, compared to only one-fifth (20 per cent) of businesses overall. (IANS)

Next Story

Organizations in India Much Slower in Detecting Cyberattack, Says Survey

Companies should ideally detect an intrusion on an average within one minute, investigate it within 10 minutes, and isolate or remediate the problem within an hour, said CrowdStrike which developed that 1-10-60 rule

0
Cloudhopper, cyberattacks, internet
The picture shows a warning sign for "cyber threats ahead". Pixabay

Organizations in India take 222 hours on an average to detect, triage and investigate a cyberattack, making them much slower than the global average of 162 hours, says a new survey by US-based cyber-security firm CrowdStrike.

Almost all respondents from India (97 percent) said cyberattacks sponsored by malicious and unfriendly countries pose a clear and present danger to the organization.

Over 40 percent of Indians surveyed said China was the country that most worries respondents when thinking about the potential origin of a nation-state-sponsored cyberattack.

Surprisingly, 30 percent of Indians also said they thought India and or Pakistan could be the potential origin of a nation-state-sponsored cyberattack, said the study titled “2019 Global Security Attitude Survey”.

Florida, Ransom, Cybercriminals
A laptop displays a message after being infected by ransomware as part of a worldwide cyberattack on June 27, 2017 in Geldrop, Netherlands. (Representational image). VOA

The study involved 1,900 senior IT decision-makers and IT security professionals in the US, Canada, UK, Mexico, Middle East, Australia, Germany, Japan, France, India, and Singapore across major industry sectors.

From India, 300 senior IT decision-makers and IT security professionals were surveyed.

Also Read: Google Throws Another Googly: Lahore is Khalistan Capital

To be successful at stopping breaches, an organization needs to detect, investigate and remediate or contain the threat as quickly as possible.

Companies should ideally detect an intrusion on an average within one minute, investigate it within 10 minutes, and isolate or remediate the problem within an hour, said CrowdStrike which developed that 1-10-60 rule. (IANS)