Data breaches like ransomware can be catastrophic for some businesses. Not only do affected organizations lose revenue from the downtime that occurs during the incident, the post-breach costs can be significant. These costs can include everything from the time and resources it takes to detect how the compromise occurred and remediate the actual threat to notifying customers of the exposure, paying any regulation fines and a reduction in business due to system downtime, customer churn and increased cost of acquiring new customers.

IBM recently published the findings from its 2021 Cost of a Data Breach Report. This year’s report found that ransomware attacks were more expensive than average breaches, costing on average $4.62 million, excluding the cost of paying the ransom. The percentage of companies where ransomware was a factor in the breach was 7.8 percent.

Why Is Ransomware So Costly?

Ransomware doesn’t exist as a solo type of attack, which only exacerbates the cost. It can stem from phishing or social engineering attempts that seek to steal identity and authentication information. According to the Cost of a Data Breach Report, 20 percent of all breaches studied were caused by compromised credentials — the most common attack vector.

Now, not only are your records held captive, you’ve also got an attacker loose in your internal systems using legitimate credentials. Investigating attacks of this nature can be extremely time consuming. Breaches from compromised credentials took an average of 250 days to identify and 91 days to contain, for a total of 341 days, the longest data breach lifecycle based on initial attack vector. The report found that data breaches that took longer than 200 days to identify and contain cost on average $4.87 million, compared to $3.61 million for breaches that took less than 200 days — adding more to your costs.

Finally, your data (or your customer’s data) has been exposed. This is tricky to calculate but the report does highlight that loss of business represented 38 percent of the overall average cost of the breach — or about $1.59 million.

Download the Report

Limiting Damage with Zero Trust

It’s not realistic to think that you can prevent a ransomware attack, but it is possible to limit the size and scope of the damage. Consider that in this year’s report, zero trust was identified as a way to reduce the average cost of a data breach. In fact, the report found that the average cost of a data breach was $1.76 million less for those companies that had a mature zero trust approach deployed, compared to those without a zero trust approach.

At the same time, findings from the report showed that nearly 43 percent of respondents said they have no plans to implement zero trust. Come again?

Why is this number so high when the benefits are so apparent? This really speaks to the challenge of implementing this type of approach. Zero trust is a different way of thinking about your security tools and information. It requires sharing data across teams that may have competing goals or budgets. But it doesn’t have to be so hard.

Putting zero trust into action as a modern approach to security gives your business the confidence and the flexibility to grow and adapt as it needs to, without worrying about security. Limiting damage from breaches is a good place to start. And, in the end, it seems that costs for ransomware are relative — you can pay now to limit damage or pay more in the long run.

Where Do You Start with Zero Trust?

Knowing your business goals and the cyber threats that put those goals in jeopardy is essential to the success of any security program. In our next blog, we’ll be discussing the importance of security risk quantification as a way to measure the impact of a breach. Knowing these costs shines a light into what’s important to your business and provides a clear picture of your cost versus risk, which can help justify starting or advancing your zero trust approach.

More from Security Services

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Ermac malware: The other side of the code

6 min read - When the Cerberus code was leaked in late 2020, IBM Trusteer researchers projected that a new Cerberus mutation was just a matter of time. Multiple actors used the leaked Cerberus code but without significant changes to the malware. However, the MalwareHunterTeam discovered a new variant of Cerberus — known as Ermac (also known as Hook) — in late September of 2022.To better understand the new version of Cerberus, we can attempt to shed light on the behind-the-scenes operations of the…

ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware

12 min read - As of December 2023, IBM X-Force has uncovered multiple lure documents that predominately feature the ongoing Israel-Hamas war to facilitate the delivery of the ITG05 exclusive Headlace backdoor. The newly discovered campaign is directed against targets based in at least 13 nations worldwide and leverages authentic documents created by academic, finance and diplomatic centers. ITG05’s infrastructure ensures only targets from a single specific country can receive the malware, indicating the highly targeted nature of the campaign. X-Force tracks ITG05 as…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today