Steps to Help Minimize Financial Consequences of a Data Breach

The cost of a data breach research underscores the importance of being prepared for a cyber incident. In this section, based on the results of our research, we outline steps organizations have taken to help reduce the damages and financial impact of a data breach. Observations regarding security practices that seem to mitigate data breaches are for educational purposes and do not guarantee results.

Have an incident response team and put incident response plans to the test.

To help mitigate the costs of a potential data breach, form of an incident response team and test the incident response plan. Organizations can help strengthen their ability to respond quickly to contain the fallout from a breach by establishing a detailed cyber incident playbook and routinely testing that plan through tabletop exercises or by running through a breach scenario in a simulated environment such as a cyber range

Programs that preserve customer trust can help reduce the unexpected loss of customers following a data breach.

Organizations we surveyed worldwide continued to lose customers as a result of their data breaches. However, organizations with a senior-level leader, such as a chief privacy officer or chief information security officer, directing initiatives to help improve customer trust in the guardianship of their personal information, reduced turnover and, therefore, reduced the cost of the breach.

Discover, classify and encrypt sensitive data and identify database misconfigurations.

Data classification schema and retention programs can help bring visibility into the sensitive and confidential information that is vulnerable to a breach and reduce the volume of such information. Vulnerability scanning can help you identify database vulnerability exposures and misconfigurations. The most sensitive data should be obscured and encrypted on premise, at the endpoint, in transit, and in the cloud.

Invest in technologies that help improve the ability to rapidly detect and contain a data breach.

The faster the data breach was identified and contained, the lower the costs. This year, the increasing time to resolve a breach was potentially due to the increasing severity of criminal and malicious attacks experienced by a majority of companies in our sample. Security automation and intelligent orchestration capabilities that provide visibility across the security operations center can help improve an organization’s ability to contain the damage from a breach.

Invest in governance, risk management and compliance programs.

Detection and escalation costs include forensic and investigative activities, assessment and audit services, crisis team management and communications to executive management and board of directors. An internal framework for satisfying governance requirements, evaluating risk across the enterprise and tracking compliance with governance requirements can help improve an organization’s ability to detect and escalate a data breach.

Minimize complexity of IT and security environments.

In this year’s study, we found higher costs associated with data breaches caused by a third party, compliance failures, extensive cloud migration, system complexity, and extensive IoT, mobile and OT environments.