Last week, we reviewed some of the highlights of IBM’s 2020 Cost of a Data Breach Report, and saw how both human-factored cyber attacks and compromised credentials are increasingly frequently and can cost businesses upwards of $4 million. But now we’ll finish out on a positive note by emphasizing a key driver in reducing the cost of a data breach: incident response.
If your business ever experiences a data breach, you don’t want to be caught without a plan. Being about to identify and put a stop to the attack quickly will not only stop more information from being stolen, but will also dramatically reduce the cost of the breach. Last year, the IBM report showed that businesses with an n incident response team and which tested their response saved an average of $1.23 million on the cost of the breach. This year, that number jumped up all the to $2 million saved on a breach. Given the increased cost reduction of responding quickly, there is no reason why business shouldn’t have an incident response team in place.
However, having an incident response team in place is only one piece of the puzzle. It’s also important that your team, alongside with business leadership test your plan by simulating different cyber attacks that your business is vulnerable to. According to the report, incident response testing is the single biggest factor in limiting cost of a breach. Just testing your response shaves off an average of nearly $300,000 from the cost of a breach.
When it comes to forming a response team and testing, it essential that your team includes more than just staff from the IT department. A data breach also requires the oversight of businesses leadership and legal to ensure the response is aligned with regulatory requirements such as disclosure. Of course, the having technical experts is also important to help limit further access, exfiltration and damage to your systems.
Of course, with everything today, COVID-19 has made the job of your response team even harder. While the report doesn’t have data on the exact impact COVID has had on response time, it does show that 76% of businesses expect that working remotely will increase the time it takes to respond to a breach, which, of course, will also increase the cost of the breach. It’s therefore essential that your team tests how your response differs when everyone is working remotely, then discuss possible changes to the response plan should a breach happen while everyone is working from home.