The Ponemon Institute recently released its “2016 Cost of Data Breach Study: Global Analysis” and the report contains good news and bad news. Let’s start with the good news…
The report indicates that, “Since first conducting this research, the cost of a data breach has not fluctuated significantly.”
With all of the good news out of the way, everything else is pretty much bad news. Let’s hit a few of the high points (or low points, as the case may be.)
A Few Survey Findings
The survey reflects results from 383 participating companies from around the world and the research showed disturbing and frightening indicators regarding the effectiveness of current cybersecurity activities.
Here are just a few of the report findings to consider:
- The average data breach costs roughly $4 million dollars.
- The Ponemon Institute estimates a 26% chance for companies to experience a breach of more then 10K records. (Note that percentage applies to breaches, not attacks.)
- The Mean Time to Identify (MTTI) a breach was 201 days with an added Mean Time to Contain (MTTC) of 70 days (for a total of 271 days.)
- The longer it takes to detect a breach, the more costly it is.
So let’s stop there and think of the implications of these findings upon just the 383 companies who participated in the survey.
- For the 383 companies surveyed, 99 of them are likely to experience a breach in the next year.
- The estimated total cost for those breaches will be around $396 million!
- Based on the MTTI results in this report, most of those breached companies will not even know they were breached until some time next year.
Without having to read all 32 pages of the report, we can come to a solid conclusion: We would be wise to rethink the strategies and tactics of cyber defense.
Let’s start by acknowledging that the sophistication and veracity of data breaches indicates that traditional perimeter security systems alone are insufficient.
We need to recognize that once perimeter security systems have been compromised, immediate detection of network anomalies must be the new frontline focus in the war against cyber attacks. The report’s 201 day MTTI finding is evidence enough to realize that implementing more effective, timely detection technologies is a critical need that can potentially yield enormous investment returns.
That’s what Red Lambda and MetaGrid is all about…new technologies that can defeat cyber threats and mitigate data breaches by identifying anomalies in stream time – before the data comes to rest, without a dependence on threat signatures.
In response to the Ponemon survey, it is important to consider the question, “What might be the cost to your organization of not implementing a more effective cyber threat detection technology?”
Let's hope it doesn’t take another 201 days before your organization answers that question with certainty.