BreachExchange mailing list archives
Post-Breach Costs And Impact Can Last Years
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Wed, 27 Jan 2016 18:30:59 -0600
http://www.darkreading.com/risk/post-breach-costs-and-impact-can-last-years/d/d-id/1324055

The costs and implications of data breaches go far beyond the initial incident response and customer notification costs. In a new survey out by the SANS institute <https://www.sans.org/reading-room/whitepapers/analyst/cleaning-breach-post-breach-impact-cost-compendium-36517>, only about one third of organizations are able to remediate breaches within a week of detection and the greatest financial impact from breaches extended months and even years beyond the event for the majority of organizations.

Conducted on behalf of Identity Finder, the SANS study took an in-depth dive into the post-breach ramifications of nearly 60 organizations. Coming from a fairly distributed range of organization sizes and industries, the study shows that even after remediation, over 60% of organizations still felt the impact from breaches. Meanwhile, the greatest financial impacts were felt long after the exposure occurred. Over 40% of organizations said they felt the biggest monetary pinch one- to 12 months after the fact.

These financial shocks often come from unexpected sources. For example, some organizations may recognize that there will need to be additional resources necessary to conduct forensics investigations during breaches, but don't realize they'll have to make unplanned purchases following an incident. Approximately 57% of respondents reported having to acquire additional tools for forensics or data recovery as a result of a breach.

Additionally, breaches frequently uncover root causes that require additional controls to prevent them from happening again and to keep the regulators at bay once an event brings their focus onto an organization. Nearly three-quarters of organizations needed to divert resources to bolster the development of administrative policies, and approximately 65% had to spend extra money on training and awareness programs following a breach. Additionally, 65% of organizations had to purchase technical tools outside the normal IT budget cycle, and over 60% needed to pick up physical controls in the wake of a breach. What's more, around a third of organizations realized they needed to add or change managed services to account for increased security after a breach.

"One could argue that these controls were needed anyway and that they should not be included in an accounting of post-breach costs. After all, having proactive security policies and procedures in place is always the best defense against a breach," wrote the report's author, Barbara Filkins.

However, the fact that these purchases and resource allocations were sudden and unplanned invariably means they threw off the balance of budgeting and caused disruption in the flow of IT operations -- versus taking a pre-emptive and measured approach to increasing controls.

As things stand, fewer than half of organizations carry cyber insurance for breach events, and only about a third of organizations had enough coverage to completely cover post-breach costs, according to the report.