Data breaches like ransomware can be catastrophic for some businesses. Not only do affected organizations lose revenue from the downtime that occurs during the incident, the post-breach costs can be significant. These costs can include everything from the time and resources it takes to detect how the compromise occurred and remediate the actual threat to notifying customers of the exposure, paying any regulation fines and a reduction in business due to system downtime, customer churn and increased cost of acquiring new customers.

IBM recently published the findings from its 2021 Cost of a Data Breach Report. This year’s report found that ransomware attacks were more expensive than average breaches, costing on average $4.62 million, excluding the cost of paying the ransom. The percentage of companies where ransomware was a factor in the breach was 7.8 percent.

Why Is Ransomware So Costly?

Ransomware doesn’t exist as a solo type of attack, which only exacerbates the cost. It can stem from phishing or social engineering attempts that seek to steal identity and authentication information. According to the Cost of a Data Breach Report, 20 percent of all breaches studied were caused by compromised credentials — the most common attack vector.

Now, not only are your records held captive, you’ve also got an attacker loose in your internal systems using legitimate credentials. Investigating attacks of this nature can be extremely time consuming. Breaches from compromised credentials took an average of 250 days to identify and 91 days to contain, for a total of 341 days, the longest data breach lifecycle based on initial attack vector. The report found that data breaches that took longer than 200 days to identify and contain cost on average $4.87 million, compared to $3.61 million for breaches that took less than 200 days — adding more to your costs.

Finally, your data (or your customer’s data) has been exposed. This is tricky to calculate but the report does highlight that loss of business represented 38 percent of the overall average cost of the breach — or about $1.59 million.

Download the Report

Limiting Damage with Zero Trust

It’s not realistic to think that you can prevent a ransomware attack, but it is possible to limit the size and scope of the damage. Consider that in this year’s report, zero trust was identified as a way to reduce the average cost of a data breach. In fact, the report found that the average cost of a data breach was $1.76 million less for those companies that had a mature zero trust approach deployed, compared to those without a zero trust approach.

At the same time, findings from the report showed that nearly 43 percent of respondents said they have no plans to implement zero trust. Come again?

Why is this number so high when the benefits are so apparent? This really speaks to the challenge of implementing this type of approach. Zero trust is a different way of thinking about your security tools and information. It requires sharing data across teams that may have competing goals or budgets. But it doesn’t have to be so hard.

Putting zero trust into action as a modern approach to security gives your business the confidence and the flexibility to grow and adapt as it needs to, without worrying about security. Limiting damage from breaches is a good place to start. And, in the end, it seems that costs for ransomware are relative — you can pay now to limit damage or pay more in the long run.

Where Do You Start with Zero Trust?

Knowing your business goals and the cyber threats that put those goals in jeopardy is essential to the success of any security program. In our next blog, we’ll be discussing the importance of security risk quantification as a way to measure the impact of a breach. Knowing these costs shines a light into what’s important to your business and provides a clear picture of your cost versus risk, which can help justify starting or advancing your zero trust approach.

More from Zero Trust

Contain Breaches and Gain Visibility With Microsegmentation

Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to curtail attacks across IT environments, minimizing business disruption proactively. Microsegmentation has emerged as a viable solution through its continuous visualization of workload and device communications…

Why Zero Trust Works When Everything Else Doesn’t

The zero trust security model is proving to be one of the most effective cybersecurity approaches ever conceived. Zero trust — also called zero trust architecture (ZTA), zero trust network architecture (ZTNA) and perimeter-less security — takes a "default deny" security posture. All people and devices must prove explicit permission to use each network resource each time they use that resource. Using microsegmentation and least privileged access principles, zero trust not only prevents breaches but also stymies lateral movement should a breach…

What to Know About the Pentagon’s New Push for Zero Trust

The Pentagon is taking cybersecurity to the next level — and they’re helping organizations of all kinds do the same. Here’s how the U.S. Department of Defense is implementing zero trust and why this matters to all businesses and organizations. But first, let’s review this zero trust business. What is Zero Trust? Zero trust is the most important cybersecurity idea in a generation. But “zero trust” is itself a bit of a misnomer. It’s not about whether a person or…

Effectively Enforce a Least Privilege Strategy

Every security officer wants to minimize their attack surface. One of the best ways to do this is by implementing a least privilege strategy. One report revealed that data breaches from insiders could cost as much as 20% of annual revenue. Also, at least one in three reported data breaches involve an insider. Over 78% of insider data breaches involve unintentional data loss or exposure. Least privilege protocols can help prevent these kinds of blunders. Clearly, proper management of access…