Deploying Proven Data Security Tools to Combat the Rising Cost of a Data Breach

October 1, 2021

It can be hard to navigate which solutions really protect you from the effects of a data breach. Take a look at defending against data breaches by the numbers. That way, you can focus on the modern data security approaches that make next year’s results more promising.

According to the annual Cost of a Data Breach Report, back in 2017 the average cost of a data breach hit $4 million. That figure dipped below $4 million for the next three years, but it jumped back up in 2021. The average cost of a data breach this year was a record $4.24 million. The good news is that this does not have to be the ‘new normal’. Add proven data security intelligence, tools and practices to drive this trend downward.

Attackers Target Your Customers

Customer personally identifiable information (PII) is both the most common and the most expensive type of record involved in data breaches. It’s a double whammy. Customer PII makes up 44% of all lost or stolen records containing sensitive information. In addition, each customer PII record costs a company an average of $180. Compare that to the overall cost per record of $161. Criminals know what they are looking for and have been successful in getting it, punishing those organizations that fail to protect customer PII.

The Stakes of a Data Breach Are Rising

Compliance violations earned the spot as the top cost-amplifying factor for data breaches in 2021. These often result in penalties that add up. For example, according to the GDPR Enforcement Tracker, from August 2020 to August 2021, total fines have more than doubled in quantity from 354 to 756 (and counting). The total of GDPR fines in August 2021 was more than €1.05 billion, compared to €133 million in August 2020. The costs don’t stop there: the legal and repair costs can further add to the penalties.

This raises the question of why some highly regulated businesses and agencies still lag in auditing and hardening their systems before breaches occur. Leading chief information security officers (CISOs) know it’s important to have a robust, repeatable and adaptable data protection program. On top of that, the program should include discovery and classification, activity monitoring and user behavior analytics. Vulnerability assessment is a vaccine to ward off the long-term effects of breaches that result in compliance violations and fines.

Most regulations now focus on data privacy and protecting your customers, partners and employees from fraud and theft. Compliance done right promises to yield tremendous benefits that instill confidence in your constituents, build loyalty and boost revenue.


Zero Trust, Big Savings

Zero trust has evolved from a concept to a blueprint to a coordinated set of security tools in a short time. People with a zero trust strategy in place have already seen the benefits. According to the 2021 study, of those companies that had fully or partially deployed zero trust, 48% reported being in the mature stage of zero trust. Another 38% reported being in the middle stage. Groups with mature zero trust saved 42.3% compared to groups without zero trust.

So what might a mature deployment do to protect data that immature groups don’t? The study found that a high standard of encryption yielded a savings of 29.4%, or $1.25 million, per breach. (In this case, we define a high standard as using at least AES-256 encryption for data at rest and in motion.) According to the IBM Institute for Business Value (IBV) report Getting Started with Zero Trust Security, data loss prevention and data exfiltration controls are key factors possessed by ‘pacesetter’ groups that are reaping the benefits of zero trust without increasing their budget and resource spending.

Back-of-the-napkin math reveals that a typical enterprise company can attain a high cryptographic standard with a proven enterprise file and database encryption solution at an expense below the cost of just a single data breach. Another way to cut down on the cost of a data breach is the use of security analytics. Modern data protection solutions, such as IBM Security Guardium Insights, provide centralized insight and advanced analytics to help zero in on data risks faster and share insights across teams, helping to reduce the likelihood of a data breach by 40%.

Hybrid Cloud: More Protection Against a Data Breach

Hybrid multicloud models are not as simple as ‘my or your or their’ cloud, but are an amalgam that creates our cloud. For example, a financial services firm might have a private cloud that meets the strictest regulatory requirements of its industry. But it also has contracts with a third-party fintech cloud service to enable new banking products and services.

Beyond the flexibility, speed and collaboration advantages, there’s a security and cost benefit of the heterogeneous approach. The average cost of a data breach for a hybrid cloud environment was 28.3% less than that for a public cloud. Why? Well, a single point of failure is less likely in a hybrid or heterogeneous environment. That makes it harder for attackers to get a single set of keys to the kingdom. The top attack vectors do less damage when they are spread out over a hybrid infrastructure. Those vectors are almost impossible to remove, so ongoing risk reduction and vulnerability assessment are critical.

The cost and flexibility of a hybrid cloud environment are indeed attractive. However, you shouldn’t let this result in a disparate set of policies and tools to secure each type of environment. That inefficiency will add costs over time and diminish your overall defensive posture. According to Getting Started with Zero Trust Security, 70% of organizations are unable to secure data that moves across multiple cloud and on-premises environments. That puts the intended benefit from hybrid cloud platform strategies at risk.

Today’s Solutions

Solutions like cloud key management and cloud hardware security modules (HSMs) with encryption allow you to choose and change cloud service providers, without losing centralized control, regulatory compliance policy enforcement and custodianship.

The pandemic didn’t appear to slow down attackers in 2020. They stole more data and made it more expensive for companies to recover from the damage. The good news is that zero trust is starting to pay dividends. You can keep compliance problems in check with the right data visibility and remediation. What’s more, a hybrid cloud environment might prove a more dynamic security platform than the status quo.

Patrick Ancipink
Senior Product Marketing Manager, IBM Security

Patrick is a senior product marketer with IBM Security and is focused on Unified Endpoint Management (UEM) and the IBM Security MaaS360 offering. He has over t...