Reducing the cost of data breaches is a vital consideration for any good security strategy. In fact, when a breach occurs, many factors can influence its cost, either increasing or decreasing the final amount. Some of those aspects are external to the company, such as laws and regulations, and must be accepted as they are.
However, there are several factors that fall within the boundaries of company control and, if properly used, can greatly reduce the impact of a data breach. These factors can turn a crisis that could put a large enterprise out of business into a manageable situation.
Here are six ways you can reduce cost of data breaches at your organization.
- Deploy an Incident Response Team
Assembling an incident response team involves tasks such as:
- Developing an incident response policy and plan
- Creating formal procedures for performing incident handling and reporting
- Determining the necessary guidelines for communicating with outside parties, both internal (e.g., legal department) and external (e.g., law enforcement agencies)
- Defining the response team structure and required training
Once this planning phase is complete, an incident response team works by detecting, analyzing and trying to contain and eradicate any possible breach situation. Even in cases where a breach is detected after information leaves the organization’s control, the incident response team can still help by eradicating the probability of further leaks, while also providing essential information to other teams to reduce the incident impact (i.e., crisis management, communications, legal).
According to the 2017 Cost of Data Breach Study, the use of a fully functional incident response team reduces the cost of data breaches by $19 — from $141 to $122 (average cost per lost or stolen record).
- Take Advantage of Encryption Technology
Encryption plays a key role into reducing the chances of a data leak. For instance, it can protect both data at rest (e.g., files saved on a computer, server, mobile device or Cloud) and data in transit (e.g., information downloaded or uploaded over the Internet, used by an application, sent over an email or instant messenger).
In either case, if a cybercriminal captures encrypted information it will be of no use, provided he does have the means to reading it (e.g., using private encryption keys or exploiting an outdated encryption algorithm). This makes the extensive use of encryption throughout a company a great strategy for reducing the average cost of a data breach.
- Provide Security Awareness Training for Employees & Other Related Parties
Employee security awareness training is yet another great strategy for reducing the chances of a data breach. For starters, workers should be made aware of corporate security policies and basic security principles, including directives (e.g., restrictions when copying files to USB drives or sending email attachments) and the consequences of violating rules. This should reduce the likelihood of insiders taking part, either willingly or by accident, in a breach.
Security awareness training can also greatly reduce the success rate of attacks commonly associated with data breaches like phishing. Even when a cybercriminal successfully carries out an attack, it is far more likely that a security-aware employee will report the attack to the incident response team.
- Create a Data Classification Policy & Use a Good Data Loss Prevention (DLP) Solution
Data classification basically means categorizing information based on specific criteria (e.g., public, internal use or confidential) in order to ensure it can be protected in accordance to its value to the company. This process helps organizations determine what information is considered sensitive, who should have access to it, and how it should be handled, copied or discarded.
Once sensitive information has been identified, it is also possible to use a DLP solution to help detect and prevent data breaches. For example, it is possible to detect when confidential information is copied to a USB drive or sent by email through a DLP. In both cases, a good DLP solution could either send a notification to an incident response team for investigation, prevent files from being copied or simply ask for further approval before the information is copied or the email is sent. In terms of reducing the cost of data breaches, DLP solutions can be very effective, as long as the information is properly classified/identified.