Data security is gaining increased importance with each passing day. As data breaches become increasingly common, companies of all sizes and industries face pressure to execute reliable data protection measures and data breach response plans. Last year was no different, as regulators and cyber attackers increased this pressure on all countries’ organizations. Many new trends related to data breaches and their response plans are emerging nowadays in such a situation. Various factors cause these trends, and if you, too, are planning to put your data breach response plan in place, you need to know about these trends. That’s why we’ve decided to put them together in this article. Let’s begin with an explanation of the data breach response plan first.
Understanding A Data Breach Response Plan
As it seems by its name, a data breach response plan is the strategy that you adopt to respond in the situation of a data breach. It’s a set of actions that allow organizations to act swiftly in a coordinated manner as soon as they detect a data breach.
The steps included in this plan may be both technical (i.e. encryption of data, systemwide scanning of anti-malware software, regeneration and buy SSL certificates, etc.); and procedural (the precautions needed to be taken by the employees). This plan’s primary purpose remains to minimize the organization’s financial and reputational damage that the breach can cause.
Factors That Impact Data Breach Response Time
Many factors impact the response time of a company in case of a data breach.
Time Consumed In Detection:
Before you can respond to a data breach, you need to know that your data has been compromised. If you don’t come to know of the violation for a long time, you won’t be able to respond to it until the damage has been done. Therefore, it’s necessary to have robust data breach detection procedures and tools in place.
Lack Of A Clearly Defined Response Plan:
Once the breach has been discovered, the next step is to swing into action. However, the actions required to be taken must be articulated clearly. If your response plan in the situation of a data breach is not predetermined or defined clearly and concisely, you’ll find yourself and your team wondering what to do next. This can give the attacker the crucial time that he needs to increase the damage further.
Often, the time consumed in responding to an attack or data breach is increased because of the organization’s obsolete technology. For instance, many of the first steps involved in a data breach response plan can be automated with the latest security software’s help, which can reduce your response time and increase difficulties for the attacker even before your team comes into action.
But if the tech stack being used by your organization is outdated, it becomes difficult to achieve because such features may or may not be present in your tools.
Finally, law enforcement sometimes affects how quickly companies detect and respond to a data breach. In countries where the law requires companies to report a data breach within 72 hrs, companies are more alarmed about cyberattacks and data breaches. So the law of a country also affects whether or not companies quickly respond to data breach incidents.
With that in mind, now let’s take a look at the average data breach detection and containment times of various industries.
Average Time To Detect And Contain Data Breaches By Industry
The response time of companies involved in various industries varies significantly. According to a 2018 data breach report published by IBM, while companies engaged in the energy industry respond to a data breach in 150 days on average, companies involved in entertainment take up to 287 days. Here’s a summary of the average data breach response times for various industries based on that report:
|Industry||Data Breach Detection Time||Data Breach Containment Time|
|Public sector||190 days||57|
|Financial Services||163 days||54|
These are alarming figures because of how much damage can be done by an attacker in an extended dwell time. But an even more concerning part of the picture is that even after detection, it takes at least seven weeks to contain them. This proves that there’s a need to educate people in various industries about data breaches, detect them, and quickly respond to them.
Average Cost Of Data Breach For Various Industries
We already know how long it takes for each industry to detect and contain a data breach on average. But if we want to learn more from that data, we need to compare it with the cost of attack for all these industries. So here’s a snapshot of how much a data breach costs per capita for industries mentioned above:
|Industry||Cost of Data Breach (per capita)|
To understand these costs, it’s important to note what Per Capita Cost means here. According to IBM’s report, the number of records compromised from each company involved in their study stood between 2,500 to 100,000 records in a single data breach.
Each record represents a real-world user whose data was stolen. The tabulated costs represent the average loss that each of those users had to incur because of the breach. If you do the maths, it’s not difficult to find out the scale of these numbers now:
- Minimum loss: $75 * 2,500 users = $187,500
- Maximum loss: $408 * 100,000 users = $40,800,000
In short, the cost of a data breach for an average company ranges between $187,000 to $41 million. You can find the minimum and maximum range for your industry by dividing the average cost per capita of your industry by the maximum and the minimum number of records that can be compromised (i.e. 2,500 and 100,000, respectively).
Data Breach Response Time Trends
When we compare the cost of data breaches against the detection and containment time of data breaches for all industries, the following trends emerge clearly:
First of all, most companies are highly unaware of data breaches’ threats and how to deal with them. That’s why they take so many days to detect a breach and contain it. Many of them don’t even have the necessary security features implemented in their websites and servers (i.e. SSL certificates, strong passwords, malware scanners, etc.), making stealing their data easy.
The Healthcare industry has the highest cost of data breach attacks. Perhaps that is because of the long time it takes in detecting the attacks, while the sensitivity of data that remains with such companies is significant.
The financial services industry has the second-highest cost for data breaches, even though it detects and contains the attacks more quickly than most other industries. That may be the case because it’s a highly regulated industry – not detecting and preventing an attack promptly results in steep fines over companies involved in this business.
Tech companies and pharma contain their attacks in 60 days on average but still experience a relatively higher data breach cost. Again, the cause may be the nature of data that can be stolen from such companies – patents, product information, and other sensitive information that can harm the companies’ reputation, many of which also tend to be listed on the bourses.
So that was some of the critical information about data breaches and their trends. All this information further affirms the need to educate employees in your organization about data breaches and devise a clear Data Breach Response Plan. If you don’t do that in time, your business may also join the long list of companies that learn this lesson the hard way. Don’t let it happen and put a data breach response plan in place today.