One of the by-products of digital transformation is data, the crown jewels. With data comes the responsibility to protect it from breaches – there was a 160% yearly increase in data theft in 2020.
Talking about data breaches, it’s that time of the year when IBM releases the Ponemon Cost of a Data Breach report. Now in its 17th year, this report has become a leading benchmark tool, offering IT, risk management and security leaders a lens into factors that can increase or help mitigate the cost of data breaches.
Some India-specific learnings from this year’s report:
(+) Largest single-year cost increase in the last seven years
Not surprisingly, the costs went up again, with the average total cost of a data breach increased nearly 18% year over year. More importantly, this was the largest single-year cost increase in the last seven years. In fact, 2021 had the highest average cost in 17 years.
So, what has been contributing to the spike in the cost of a data breach?
+ For starters, the cost per lost or stolen record in the 2021 saw an increase of nearly 7% year over year, increasing to INR 5,900. The cost per lost or stolen record has nearly doubled in the last 7 years.
+ The average number of records breached per incident increased to nearly 28,000.
+ Another factor that contributed was the increase in the average time to identify and contain a breach. In 2021, this went up to 320 days from 313 days in 2020, an increase of 2%. In fact, in the last 4 years, this number has increased 32%.
Tushar Haralkar, Security Software Technical Sales Leader and Zero Trust Champion with IBM Technology Sales, India-South Asia says, “Indian organisations faced a higher number of data breaches during the pandemic. This has resulted in many organisations evaluating their security architecture.”
(+) Protect remote workforce
With more people working from home than ever before, your data, your applications, and your users are everywhere. Employees working in isolation are easier targets. This can expose the entire technology ecosystem to additional risk of cyberattack.
Data from the 2021 Cost of Data Breach report validated this. The report found that Indian organisations with more than 50% remote work adoption took 26% more days to identify and contain a breach than those with less than 50% remote work adoption.
“The accelerated shift to remote work – forced by the pandemic – resulted in a massive disruption of security programs. Suddenly having more workers that aren’t on site likely created a security debt,” says Tushar.
(+) Data privacy remains crucial
A significant percentage of the breaches, analysed by the report, saw a customer’s personal data being exposed. The loss of a customer’s personal identifiable information (PII) also cost companies heavily.
The pandemic accelerated the growth in online transactions, as more people chose to undertake transactions from the comforts of their home. This trend is here to stay, as most Indian respondents are likely to continue digital-first interactions.
The onus of protecting customer data lies with the organisations.
“Customers trust organisations with their data – all kinds of it, personal, demographic, and financial data. And organisations need to repay that trust by protecting this data and customer privacy,” adds Tushar.
It is important to remember that the provisions in the upcoming Personal Data Protection Bill, once approved, could result in penalties of up to INR 15 crore for non-compliance with personal data requirements.
Zero trust approach to security to stay ahead of the game
Over the last 12-18 months, the way you run your business and manage your teams has changed. Perhaps, forever!
Your data, your applications, and your users are everywhere. You are more reliant on cloud than ever before. This has rendered traditional perimeter-based approach to security ineffective.
Protecting the scattered ecosystem requires correlation of real-time security context across all security domains. Hence, security leaders globally are turning to zero trust.
Tushar says, “Zero trust approach can help resolve your top security challenges. It can help preserve customer privacy by making data access limited and conditional. Zero trust approach can help protect your remote workforce by enforcing conditional access based on its principle of least privilege.”
In addition, zero trust approach can also help fuel your cloud transformation with a modern approach to security, as well as help you address growing insider threats by discovering risky user behaviour.
It’s time to go fearless with zero trust.
Link for the report (https://www.ibm.com/in-en/security/databreach?utm_medium=ContSyndDT&utm_source=Indianexpress)