It can be hard to navigate which solutions really protect you from the effects of a data breach. Take a look at defending against data breaches by the numbers. That way, you can focus on the modern data security approaches that make next year’s results more promising.

According to the annual Cost of a Data Breach Report, back in 2017 the average cost of a data breach hit $4 million. That figure dipped below $4 million for the next three years, but it jumped back up in 2021. The average cost of a data breach this year was a record $4.24 million. The good news is that this does not have to be the ‘new normal’. Add proven data security intelligence, tools and practices to drive this trend downward.

Attackers Target Your Customers

Customer personally identifiable information (PII) is the most common and most expensive record type regarding data breach impact. It’s a double whammy. Customer PII makes up 44% of all lost or stolen records containing sensitive information. In addition, each customer PII record costs a company an average of $180. Compare that to the overall cost per record of $161. Criminals know what they are looking for and have been successful in getting it, punishing those organizations that fail to protect customer PII.

The Stakes of a Data Breach Are Rising

Compliance violations earned the spot as the top cost-amplifying factor for data breaches in 2021. These often result in penalties that add up. For example, according to the GDPR Enforcement Tracker, from August 2020 to August 2021, total fines have more than doubled in quantity from 354 to 756 (and counting). The total of GDPR fines in August 2021 was more than €1.05 billion, compared to €133 million in August 2020. The costs don’t stop there: the legal and repair costs can further add to the penalties.

This raises the question of why some highly regulated businesses and agencies still lag in auditing and hardening their systems before breaches occur. Leading chief information security officers (CISOs) know it’s important to have a robust, repeatable and adaptable data protection program. On top of that, the program should include discovery and classification, activity monitoring and user behavior analytics. Vulnerability assessment is a vaccine to ward off the long-term effects of breaches that result in compliance violations and fines.

Most regulations now focus on data privacy and protecting your customers, partners and employees from fraud and theft. Compliance done right promises to yield tremendous benefits that instill confidence in your constituents, build loyalty and boost revenue.

Download the Report

Zero Trust, Big Savings

Zero trust has evolved from a concept to a blueprint to a coordinated set of security tools in a short time. People with a zero trust strategy in place have already seen the benefits. According to the 2021 study, of those companies that had fully or partially deployed zero trust, 48% reported being in the mature stage of zero trust. Another 38% reported being in the middle stage. Groups with mature zero trust saved 42.3% compared to groups without zero trust.

So what might mature deployment do to protect data that immature groups don’t? The study found that a high standard of encryption yielded a savings of 29.4%, or $1.25 million, per breach. (In this case, we define a high standard as using at least 256 AES encryption for data at rest and in motion.) According to the IBM Institute for Business Value (IBV) report Getting Started with Zero Trust Security, data loss prevention and data exfiltration controls are key factors possessed by ‘pacesetter’ groups that are reaping the benefits of zero trust without increasing their budget and resource spending.

Back of the napkin math reveals that a typical enterprise company can attain a high cryptographic standard with a proven enterprise file and database encryption solution at an expense below the cost of just a single data breach. Another way to cut down on the cost of a data breach is the use of security analytics. Modern data protection solutions, such as IBM Security Guardium Insights, provide centralized insight and advanced analytics to help zero in on data risks faster and share insights across teams, helping to reduce the likelihood of a data breach by 40%.

Hybrid Cloud: More Protection Against a Data Breach

Hybrid multicloud models are not as simple as ‘my or your or their’ cloud, but are an amalgam that creates our cloud. For example, a financial services firm might have a private cloud that meets the most strict regulatory requirements their industry requires. But they also have contracts with a third-party fintech cloud service to enable new banking products and services.

Beyond the flexibility, speed and collaboration advantages, there’s a security and cost benefit of the heterogeneous approach. The average cost of a data breach for a hybrid cloud environment was 28.3% less than that for a public cloud. Why? Well, a single point of failure is less likely in a hybrid or heterogeneous environment. That makes it harder for attackers to get a single set of keys to the kingdom. The top attack vectors do less damage when they are spread out over a hybrid infrastructure. Those vectors are almost impossible to remove, so ongoing risk reduction and vulnerability assessment are critical.

The cost and flexibility of a hybrid cloud environment are indeed attractive. However, you shouldn’t let this result in a disparate set of policies and tools to secure each type of environment. That inefficiency will add costs over time and diminish your overall defensive posture. According to Getting Started with Zero Trust Security, 70% of organizations are unable to secure data that moves across multiple cloud and on-premises environments. That puts the intended benefit from hybrid cloud platform strategies at risk.

Today’s Solutions

Solutions like cloud key management and cloud hardware security modules (HSMs) with encryption allow you to choose and change cloud service providers, without losing centralized control, regulatory compliance policy enforcement and custodianship.

The pandemic didn’t appear to slow down attackers in 2020. They stole more data and made it more expensive for companies to recover from the damage. The good news is that zero trust is starting to pay dividends. You can keep compliance problems in check with the right data visibility and remediation. What’s more, a hybrid cloud environment might prove a more dynamic security platform than the status quo.

More from Data Protection

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today