Cyber attacks are expensive if they’re not resolved quickly. Results from Ponemon Institute show a positive relationship between the time to contain an attack and the cost to the organization that falls victim to the attack. That’s not surprising – the longer it takes to contain a breach, the more money it costs to stop it. The amount of time it takes, however, to contain a breach is surprising. The study found the average time to stop an attack is 46 days, with an average cost of $21,155 per day – the grand total coming to just about $1 million.
Which breaches are the hardest to contain? Attacks from malicious insiders, malicious code, and web-based attackers take the most time to resolve. Malware, viruses, and botnets on average are resolved relatively quickly – just a few days.
In an attempt to get ahead of the hardest attacks to contain, companies are trying to cut off potential bad actors before they even begin. Many organizations are building out cyber programs to protect themselves from their own employees. Advanced threat detection programs are on the market and purport to use activity tracking to stop the next hacker before he makes a single malicious keystroke. Many systems today can monitor data movement and even specific employee activity.
Offices – and their workers – are becoming increasingly distributed geographically and are using technology more than ever to conduct their day-to-day tasks, so access to sensitive information is a concern when disgruntled employees depart their companies. In a recent example, a former Morgan Stanley financial adviser was sentenced to three years of probation for taking large amounts of the firm's client information.
Let’s not allow the juiciest headlines to dictate our data protection strategies, though. Yes, malicious insider threats happen – but in many cases, data breaches caused by employees are accidental in nature. According to research from CyberFactors, half of the data breaches caused by employees were mistakes. Forrester Research found that only 56 percent of North American and European employees surveyed were aware of their company’s security practices. If employees do not know what to do when they make a mistake, it will take much longer – and cost a lot more – to contain cyber attacks. Human error is a big issue that must be addressed.
What can we do to minimize human error? Look no further than the U.S. military’s experience. From September 2014 to June 2015, the U.S. Department of Defense (DoD) repelled more than 30 million known malicious attacks at the boundaries of its networks. Of the ones that did make it through, less than 0.1 percent compromised its systems.
When profiled in Harvard Business Review, representatives from the DoD said that while technical upgrades are important, minimizing human error is more important. Mistakes by network administrators and users, such as failing to patch vulnerabilities in legacy systems, misconfiguring settings, and violating standard procedures, open the door to the overwhelming majority of successful attacks.
The DoD started its evolution to become what it calls a “high-reliability organization”, one where there is a culture of zero defects. It’s a combination of streamlining its technology networks and proper training for employees. The principles that drive this initiative are:
- taking charge;
- making everyone accountable;
- instituting uniform standards;
- centrally managing training and certification;
- coupling formality with forceful backup;
- checking defenses;
- eliminating fear of honesty; and
- increasing consequences of dishonesty.
Breaches are easier to detect and contain when you properly empower your people. It’s essential to create a culture of compliance within your organization and to have the technology in place to back it up.
We can help. Visit our website to learn about our secure cloud platform that encrypts everything by default so human error isn’t an option. With zero-day malware detection, threats are found within 24 hours. Once a threat is identified, it’s neutralized immediately with a 24/7 Incident Response Team trained in counterintelligence.
Written by Rob LaMear, CEO, US Cyber Vault