According to a recent report from IBM, the average cost of a data beach to a business is $3.9 million. The report goes on to indicate that the cost of more widespread breaches can easily get into the hundreds of millions of dollars.
The factors that will determine how much a data breach will cost include:
- The cause of the breach
- Action taken after the fact
- Type of data was exposed
- If your organization has worked with regulators
Detaining and containing a breach quickly is one of the keys to minimizing damage, both financial and reputational.
Here are our quick tips to detect and contain a breach
- Using Antivirus will detect and contain a threat to your computer
- Using a SIEM / SOC provider will detect the threat and allow you to determine if it is truly a breach
- Be aware a SIEM doesn’t typically contain a breach as it is after the fact
- Doing all 3 requires you to use a multi-stage approach with anti-virus, EDR and a SIEM / SOC tool combined
Definitions for above:
SIEM (Security information and event management) is a platform that collects all the logs from a device and stores them, then analyzes them for security issues or concerns.
SOC (Security operations center) is eyes on the glass that take the alerts from the SIEM and analyzes them further to see if action needs to be taken.
EDR (Endpoint Detection and Response) is an engine that runs on a computer and would stop a threat that traditional AV wouldn’t stop. EDR also collects more forensic evidence to figure out what is going on, why it was stopped, and how it got on the machine.
Have further questions regarding data breaches and control methods? Drop us a line at Solutions@thetek.com