My takeaways from the 2020 Cost of a Data Breach statistics

This years 2020 Cost of a Data Breach report uncovered many thought-provoking insights about the state of cybersecurity practices around the world. As a cyber-security engineer in the Gold Coast Development Lab, I am one of the people creating technology that helps companies monitor their networks and detect attacks in real time. While reading the 2020 report, there were a few things that stood out to me as being particularly important to our customers. 

First, the extent that automation reduced the impact of a data breach was astounding. On average, the cost of a data breach for a company with fully deployed automation was $3.58M less than the cost for a company with no automation ($6.03 million). The staggering difference in cost showcases the vital nature of well-integrated and automated systems in a world where security products are only getting more complicated. The use of artificial intelligence and machine learning, in combination with orchestrated automation, pays off. Systems that leverage these concepts can and will save real money. This is something that we will continue to focus on in our engineering efforts, as we can see the immense value that this brings to our customers.

Next, for the second year running, the majority of data breaches were caused by malicious attacks. The three most common types of malicious attacks originated from compromised credentials, cloud misconfigurations, and vulnerabilities in third-party software. By collectively focusing technology and processes on these three categories, we could reduce the impact of the majority of malicious attacks. In fact, there are many technologies and processes that exist today which help reduce the impact of these types of attacks – it’s just a matter of making sure they’re being leveraged. Tools like User Behaviour Analytics can detect when credentials have been compromised, and a variety of IAM solutions can mitigate the impact of those credentials being stolen. Data breaches caused by cloud misconfigurations can be detected and remediated through monitoring your cloud environment using tools that makes it easy to get comprehensive visibility, such as network monitoring solutions in the cloud. Vulnerabilities in third-party software is something that the cyber-security community has been working on combatting for many years, and using threat feeds and vulnerability scanners gets you a long way to preventing these types of data breaches.

Finally, what shocks me the most is the time it takes to detect and contain a breach. On average, it takes 280 days to detect and contain a breach. This is still far too long. Through the use of effective tools and real-time monitoring, we can shorten this time to detect and contain. In fact, the report showed that environments with fully deployed automation took 74 days less to detect and contain the breach compared to environments with no automation. Every day that an attacker has access to your system compounds the potential damage and financial cost of a breach and that's why effectively leveraging the tools that reduce the time to detect and contain breaches is vital.

If you're interested in knowing more or you'd like to see the statistics for your region or industry you can download the Cost of Data Breach Report here.