Connect with us

Hi, what are you looking for?

HEADLINES

Internal SOCs halve financial impact of enterprise data breaches

Among other changes that a business can employ to reduce losses from a data breach is to employ a Data Protection Officer (DPO), as 34% of companies of all sizes with this dedicated role reported that a cyber incident did not result in monetary loses.

Enterprises with an internal Security Operation Center (SOC) estimate their financial damage from a cyberattack at $675k, which is less than half the average impact cost for all enterprise-level organizations ($1.41m), a new survey from Kaspersky and B2B International revealed.

Among other changes that a business can employ to reduce losses from a data breach is to employ a Data Protection Officer (DPO), as 34% of companies of all sizes with this dedicated role reported that a cyber incident did not result in monetary loses.

Every year, data breaches are becoming more expensive for enterprises. In 2019, this cost has risen to $1.41m , up from $1.23 million the previous year, the new ‘IT security economics in 2019: how businesses are losing money and saving costs amid cyberattacks’ report by Kaspersky shows. In response to this, large organizations are investing more in cybersecurity: this year enterprise IT security budgets averaged $18.9m, compared to $8.9m in 2018.

As the report demonstrates, investing in security software and IT security professionals brings results. This is reflected in companies with an internal SOC experiencing less damage from data breaches.

Advertisement. Scroll to continue reading.

Enterprises can look to reduce the financial impact of a data breach by building an internal SOC, responsible for the ongoing monitoring of security events and incident response. Adopting an SOC halves monetary loses from data breaches to just $675k. There are savings for larger SMBs (with 500+ employees) who adopt an SOC as well, with the total financial impact of a data breach for these businesses estimated at $106k, compared to $129k for the average SMB of this size.

Outsourced SOCs however, don’t reduce the cost of data breaches for enterprises. The survey showed that outsourcing security to a Managed Security Service Provider (MSSP) may actually increase the financial impact, particularly if the company uses an under-qualified subcontractor: 23% of companies that use an MSSP experienced a financial impact of between $100k-249k, while only 19% of  businesses with an in-house IT team reported this level of damage.

Another way to keep the cost of a breach down is by hiring a DPO. This is an employee who is responsible for building and implementing data protection strategy within a company, as well as managing compliance issues. The survey highlighted that more than one-third of organizations (34%) with[DM9]  a DPO that suffered a data breach did not incur any financial loss, compared to only one-fifth (20%) of businesses overall.

“Establishing an internal SOC involves purchasing the necessary tools, building processes and recruiting analysts, which can be a challenge for any business. Likewise, finding a DPO, who can combine IT security and legal knowledge, is not an easy task. These require time and budgets, and security leaders often find it difficult to justify such initiatives. But as we can see, these are worthwhile investments. Of course, just having a dedicated employee or even special subdivision does not guarantee that a company will not suffer a data breach, however, it does ensure that the business is prepared for these incidents, allowing them to recover from an attack more quickly and efficiently,”  said  Veniamin Levtsov, VP, Corporate Business at Kaspersky.

To empower internal SOCs, Kaspersky offers solutions and services, including Kaspersky EDR, Kaspersky Anti Targeted Attack, Kaspersky Threat Intelligence and Kaspersky Cybersecurity Training portfolio. They help to overcome the most common barriers to a working SOC, such as the lack of enterprise-wide visibility or insufficient threat information, as well as improving its performance.

Advertisement. Scroll to continue reading.

The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) is a global survey of IT business decision makers, which is now in its 9th year. A total of 4,958 interviews were conducted across 23 countries. Respondents were asked about the state of IT security within their organizations, the types of threats they face and the costs they have to deal with when recovering from attacks. The regions covered consist of LATAM (Latin America), Europe, North America, APAC (Asia-Pacific with China), 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

White Papers

Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into...

HEADLINES

As the year 2024 draws to a close, cybersecurity solutions provider Fortinet unveiled predictions that expect hackers will leverage as well as trends that...

HEADLINES

A bruteforce attack is a method employed by cybercriminals to guess login info, encryption keys, or find a hidden web page by systematically attempting...

Advertisement