Blog :: Security Operations

Security breach costs

This past year has been lucrative for hackers.  With breaches at Target, Home Depot, and even down to our own personal accounts, the fact that we are at risk is clear. Most of us, myself included think that we are immune from such attacks. But what if it happened to your company? What would happen? What information would be at risk? More importantly, how much are security breach costs? The biggest question we must ask here is, how much will preventative measures save your company?

Malware: Data Breach Study

According to the 2014 Cost of Data Breach Study: Global Analysis, sponsored by IBM, the average cost of a security breach is $3.5 million in US dollars. This is a shocking number, especially for mid to small size companies. More shockingly though, this cost has gone up 15% from last year. Many companies have a hard time paying these costs or, at the very least, find them difficult to swallow. The thing is, hackers don’t care how big your company is or about who works there. All they care about is making money from you, off you, and how they can take it from you. Hackers don’t care about who they take down with them.

Security Breach Costs

As you may have heard, a breach doesn’t just cost your company money, it could cost its reputation. Many companies lose customers after widely publicized breaches. Moreover, slumping sales, possible internal blaming, and even layoffs can bring down a company to the point where corporate culture suffers. Unfortunately, in some cases companies don’t realize these damages until it’s too late. It is safe to assume that these malware security threats make history not only in the IT industry, but in homes around the world. Imaging dealing with these issues on top of the already staggering 3.5 million dollars your company could spend to recover from a breach. Again 3.5 million dollars? How does this cost add up, you may wonder? Consider:

  1. The percentage spent on marketing, re-branding, and over all publicly apologizing whilst trying to regain thousands of customers’ trust back. Unlike a fine, this cost is ongoing. Since a lot of the breaches come from recent events, there isn’t enough history to show how much this will add up to over the years.
  2. The customers who will never come back after trusting the company with personal information. This lost revenue adds up over years! Unfortunately, this number never gets smaller, and it only gets bigger.
  3. Government fines and penalties.
  4. The last and most devastating cost is job loss. Not only is this a financial cost, it is more importantly an emotional cost. Job loss can be a burden not only for employees, but also for their families. Who would have thought that Target’s security breach would impact a families’ livelihood?

See figure below for security breach costs.

  1.  Security breach costs

IT security crisis management

Given the fact that malware seems to be getting smarter, bigger, and more dangerous it’s safe to say that attacks aren’t going away any time soon. So what can we do? Remember the expression “stand up to the bully”? In this case, we have to stand up to malware, but how? History has shown that ignoring problems makes them worse. Investing time into IT security crisis management will save your company from downtime costs, and other related expenses. Investing in an incident response solution is becoming a primary line of defense.

Incident response solutions provide two important capabilities:

  • Investigate: When you need to track down a system, determine who and what it has been communicating with. What does your IT organization have at its disposal to pull up the history? An incident response solution allows you to dig into a “big data” NetFlow and IPFIX warehouse to find out.
  • Detect: They analyze network traffic for malicious activity using network behavior analysis. These malware behavior detection techniques are designed to look at flow data for any abnormalities. Incident response solutions analyze internal conversations as malicious conversations typically don’t pass through the firewall/IDS right away, going unnoticed until it’s too late.

So even though it may seem we are fighting an unstoppable force, a very expensive one at that, it is possible to be proactive, save time, money, and peace of mind with the proper incident response system in place.