General security

Top 5 Ways to Reduce the Cost of a Data Breach

Claudio Dodt
February 12, 2018 by
Claudio Dodt


According to the 2017 Cost of Data Breach Study, data breach costs in 2017 averaged $3.62 million. This is a large sum, but depending on factors such as the number of records exposed or the nature of the leaked information, losses can be much greater and even include reputational damages that may take several years to reverse.

Reducing the cost of data breaches is a vital consideration for any good security strategy. In fact, when a breach occurs, many factors can influence its cost, either increasing or decreasing the final amount. Some of those aspects are external to the company, such as laws and regulations, and must be accepted as they are.

However, there are several factors that fall within the boundaries of company control and, if properly used, can greatly reduce the impact of a data breach. These factors can turn a crisis that could put a large enterprise out of business into a manageable situation.

Here are six ways you can reduce cost of data breaches at your organization.

  1. Deploy an Incident Response Team

Assembling an incident response team involves tasks such as:

  • Developing an incident response policy and plan
  • Creating formal procedures for performing incident handling and reporting
  • Determining the necessary guidelines for communicating with outside parties, both internal (e.g., legal department) and external (e.g., law enforcement agencies)
  • Defining the response team structure and required training

Once this planning phase is complete, an incident response team works by detecting, analyzing and trying to contain and eradicate any possible breach situation. Even in cases where a breach is detected after information leaves the organization’s control, the incident response team can still help by eradicating the probability of further leaks, while also providing essential information to other teams to reduce the incident impact (i.e., crisis management, communications, legal).

According to the 2017 Cost of Data Breach Study, the use of a fully functional incident response team reduces the cost of data breaches by $19 — from $141 to $122 (average cost per lost or stolen record).

  1. Take Advantage of Encryption Technology
  2. Encryption plays a key role into reducing the chances of a data leak. For instance, it can protect both data at rest (e.g., files saved on a computer, server, mobile device or Cloud) and data in transit (e.g., information downloaded or uploaded over the Internet, used by an application, sent over an email or instant messenger).

    In either case, if a cybercriminal captures encrypted information it will be of no use, provided he does have the means to reading it (e.g., using private encryption keys or exploiting an outdated encryption algorithm). This makes the extensive use of encryption throughout a company a great strategy for reducing the average cost of a data breach.

    1. Provide Security Awareness Training for Employees & Other Related Parties
    2. Employee security awareness training is yet another great strategy for reducing the chances of a data breach. For starters, workers should be made aware of corporate security policies and basic security principles, including directives (e.g.,  restrictions when copying files to USB drives or sending email attachments) and the consequences of violating rules. This should reduce the likelihood of insiders taking part, either willingly or by accident, in a breach.

      Security awareness training can also greatly reduce the success rate of attacks commonly associated with data breaches like phishing. Even when a cybercriminal successfully carries out an attack, it is far more likely that a security-aware employee will report the attack to the incident response team.

      1. Create a Data Classification Policy & Use a Good Data Loss Prevention (DLP) Solution
      2. Data classification basically means categorizing information based on specific criteria (e.g., public, internal use or confidential) in order to ensure it can be protected in accordance to its value to the company. This process helps organizations determine what information is considered sensitive, who should have access to it, and how it should be handled, copied or discarded.

        Once sensitive information has been identified, it is also possible to use a DLP solution to help detect and prevent data breaches. For example, it is possible to detect when confidential information is copied to a USB drive or sent by email through a DLP. In both cases, a good DLP solution could either send a notification to an incident response team for investigation, prevent files from being copied or simply ask for further approval before the information is copied or the email is sent. In terms of reducing the cost of data breaches, DLP solutions can be very effective, as long as the information is properly classified/identified.

        1. Consider Adopting Cyber Insurance Protection
        2. With the ever-increasing number of companies suffering from data breaches, the rise on cyber insurance adoption should not come as a surprise. It is important to consider that cyber insurance is a reactive control, meaning it will not protect a company from a data breach. Instead, insurance will make sure the organization will have sufficient financial stability should a significant security breach occur.

          Cyber insurance can be used to pay for several services related to a data leak, such as hiring a forensics specialist, or any other additional resource required to investigate and contain an incident. Other reimbursable expenses include business losses (i.e., costs involved in managing a crisis or repairing reputation damage), data breach notifications to clients and other affected parties (which can be mandated by law in some jurisdictions) and even legal expenses associated with the breach (i.e., legal settlements and regulatory fines).

          What should you learn next?

          What should you learn next?

          From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

          Having cyber insurance can reduce the financial impact of a security incident and the cost of a data breach, but it is important to remember it should not completely replace other security controls.

          Claudio Dodt
          Claudio Dodt

          Cláudio Dodt is an Information Security Evangelist, consultant, trainer, speaker and blogger. He has more than ten years worth of experience working with Information Security, IT Service Management, IT Corporate Governance and Risk Management.