An increase in the number of high-profile data breaches over the last year would suggest heightened demand for security measures. And attacks are not limited to a single type of organisation. You only have to look at the media headlines around breaches in companies such as Vtech, Ashley Madison, and Slack, to realise that organisations of all shapes and sizes are still targets for unlawful actors.
However, perhaps surprisingly, a feeling that suffering a breach at some stage is simply an inevitability could lead to a sense of apathy amongst decision-makers. The C-suite likes to make decisions based on facts and data, and if it suggests that even the best security strategy cannot prevent data loss, then making the business case to implement one in the first place becomes more challenging for security professionals. Arguably, this means that security professionals now have it tougher when it comes to justifying their budget to the C-suite. They need to focus on articulating the strategy and why they believe It’s effective.
In addition, the seemingly ever-increasing number of devices used by employees to undertake tasks ‘on the go’ mean that private company information, once kept relatively safe in the preserve of the data centre, is now scattered across a range of endpoints. Each additional device provides another potential entry point for cyber-criminals or an opportunity for careless usage to result in data loss. So how can CIOs and CISOs explain the return on investment for a comprehensive security strategy in purely financial terms?
The business case for security
The good news is that evidence from studies such as the Verizon 2015 Data Breach Investigations Report help to provide justification for data loss prevention methods – the total number of compromised records drives the total cost of a data breach, because more widespread breaches result in a greater the loss of customer trust. This means that mitigating factors (including data loss prevention measures) effectively reduce total breach cost, by reducing the total number of records lost.
Simply put, each lost record costs the business revenue and breaks customer trust. So, while data loss prevention measures may not eradicate breaches, their value lies in minimising the total number of records lost, and therefore the overall financial damage. Perhaps most importantly, 40 percent of the data loss incidents examined by the Council on Cybersecurity could have been prevented or mitigated by the following ‘quick win’ measures.
The idea behind multi-factor authentication is that it adds another layer of defense to login processes by requiring at least two independent credentials from the user – a password followed by biometric authorisation for example. These extra layers of defense make it more difficult for hackers to break into accounts, because even if one of the factors is compromised, a barrier to access still remains in place.
In times gone by, back when mission-critical data was stored within the confines of the data centre, the traditional antivirus firewall offered a far more effective method of protection. Antivirus (AV) software scans files to detect and remove malicious software, by examining a database of known viruses or identifying suspicious behaviour.
However, the exponential growth of sophisticated malware types means that keeping the database up to date is a key challenge for antivirus providers and users, and has led industry experts to suggest that AV software is only 50% accurate in identifying malware. That said, AV still remains a valuable form of defense when implemented as part of a multi-layered security stack, and in many cases is a requirement for regulatory compliance.
Endpoint backup provides complete visibility and control over company data, by continuously and automatically backing up the data stored across a company’s entire range of endpoint devices. This not only provides security professionals with the ability to identify suspicious user behaviour and prevent data loss through malicious activity on their behalf but also guards against one of the biggest security threats out there – ransomware.
Ransomware works by encrypting all of the data on infected devices, and then demanding the payment of a ‘ransom’ to a cyber criminal in order to unscramble the data. For businesses that do not have a backup solution in place, ransomware attacks can result in huge financial losses due to wasted company time and lost assets. However, with an endpoint backup solution in place, all the externally backed up data can be restored within a few minutes, keeping downtime to a minimum.
To conclude, whilst the number of data breaches is increasing to the point where it is inevitable that many companies will fall victim at some stage, implementing a multi-layered security strategy can still minimise the damage that is caused as a result. Also, by partnering with the right security vendors and implementing intelligent solutions which are regularly maintained – a healthy ROI will not be hard to demonstrate.