Data breaches like ransomware can be catastrophic for some businesses. Not only do affected organizations lose revenue from the downtime that occurs during the incident, the post-breach costs can be significant. These costs can include everything from the time and resources it takes to detect how the compromise occurred and remediate the actual threat to notifying customers of the exposure, paying any regulation fines and a reduction in business due to system downtime, customer churn and increased cost of acquiring new customers.

IBM recently published the findings from its 2021 Cost of a Data Breach Report. This year’s report found that ransomware attacks were more expensive than average breaches, costing on average $4.62 million, excluding the cost of paying the ransom. The percentage of companies where ransomware was a factor in the breach was 7.8 percent.

Why Is Ransomware So Costly?

Ransomware doesn’t exist as a solo type of attack, which only exacerbates the cost. It can stem from phishing or social engineering attempts that seek to steal identity and authentication information. According to the Cost of a Data Breach Report, 20 percent of all breaches studied were caused by compromised credentials — the most common attack vector.

Now, not only are your records held captive, you’ve also got an attacker loose in your internal systems using legitimate credentials. Investigating attacks of this nature can be extremely time consuming. Breaches from compromised credentials took an average of 250 days to identify and 91 days to contain, for a total of 341 days, the longest data breach lifecycle based on initial attack vector. The report found that data breaches that took longer than 200 days to identify and contain cost on average $4.87 million, compared to $3.61 million for breaches that took less than 200 days — adding more to your costs.

Finally, your data (or your customer’s data) has been exposed. This is tricky to calculate but the report does highlight that loss of business represented 38 percent of the overall average cost of the breach — or about $1.59 million.

Download the Report

Limiting Damage with Zero Trust

It’s not realistic to think that you can prevent a ransomware attack, but it is possible to limit the size and scope of the damage. Consider that in this year’s report, zero trust was identified as a way to reduce the average cost of a data breach. In fact, the report found that the average cost of a data breach was $1.76 million less for those companies that had a mature zero trust approach deployed, compared to those without a zero trust approach.

At the same time, findings from the report showed that nearly 43 percent of respondents said they have no plans to implement zero trust. Come again?

Why is this number so high when the benefits are so apparent? This really speaks to the challenge of implementing this type of approach. Zero trust is a different way of thinking about your security tools and information. It requires sharing data across teams that may have competing goals or budgets. But it doesn’t have to be so hard.

Putting zero trust into action as a modern approach to security gives your business the confidence and the flexibility to grow and adapt as it needs to, without worrying about security. Limiting damage from breaches is a good place to start. And, in the end, it seems that costs for ransomware are relative — you can pay now to limit damage or pay more in the long run.

Where Do You Start with Zero Trust?

Knowing your business goals and the cyber threats that put those goals in jeopardy is essential to the success of any security program. In our next blog, we’ll be discussing the importance of security risk quantification as a way to measure the impact of a breach. Knowing these costs shines a light into what’s important to your business and provides a clear picture of your cost versus risk, which can help justify starting or advancing your zero trust approach.

More from Zero Trust

Zero Trust Data Security: It’s Time To Make the Shift

4 min read - How do you secure something that no longer exists? With the rapid expansion of hybrid-remote work, IoT, APIs and applications, any notion of a network perimeter has effectively been eliminated. Plus, any risk inherent to your tech stack components becomes your risk whether you like it or not. Organizations of all sizes are increasingly vulnerable to breaches as their attack surfaces continue to grow and become more difficult — if not impossible — to define. Add geopolitical and economic instability…

4 min read

How Zero Trust Changed the Course of Cybersecurity

4 min read - For decades, the IT industry relied on perimeter security to safeguard critical digital assets. Firewalls and other network-based tools monitored and validated network access. However, the shift towards digital transformation and hybrid cloud infrastructure has made these traditional security methods inadequate. Clearly, the perimeter no longer exists. Then the pandemic turned the gradual digital transition into a sudden scramble. This left many companies struggling to secure vast networks of remote employees accessing systems. Also, we’ve seen an explosion of apps,…

4 min read

SOAR, SIEM, SASE and Zero Trust: How They All Fit Together

4 min read - Cybersecurity in today’s climate is not a linear process. Organizations can’t simply implement a single tool or strategy to be protected from all threats and challenges. Instead, they must implement the right strategies and technologies for the organization’s specific needs and level of accepted risks. However, once the dive into today’s best practices and strategies begins, it’s easy to quickly become overwhelmed with SOAR, SIEM, SASE and Zero Trust —  especially since they almost all start with the letter S.…

4 min read

Contain Breaches and Gain Visibility With Microsegmentation

4 min read - Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to curtail attacks across IT environments, minimizing business disruption proactively. Microsegmentation has emerged as a viable solution through its continuous visualization of workload and device communications…

4 min read