Business continuity planning proves crucial for disaster recovery
- The global average cost per record hit in a data breach rose from $141 to $148 year-over-year in FY2018, according to the 2018 IBM and Ponemon Cost of a Data Breach Study. Business continuity management (BCM) can reduce the per capita costs of a data breach by 6.5%, with a per day cost saving of 31.5% compared to businesses without a plan.
- The anatomy of data breach costs falls into four distinct parts, measured in millions of dollars: lost business cost, detection and escalation, ex-post response and notification. Lost business and detection and escalation were the largest cost categories, coming in at $1.5 million and $1.2 million, respectively.
- This was the first year Ponemon measured mean time to recover (MTTR). The survey of 262 companies around the world that suffered a material breach with at least 1,000 lost or stolen records found that companies with BCM had reductions of 44 days in mean time to identify a breach. These companies also saw a 38 day reduction in mean time to contain and 31 day reduction in mean time to recover.
Data breaches have become such a common occurrence that businesses and consumers are starting to feel jaded. But cybersecurity incidents have lingering effects and can even cause underperformance in the stock market long-term.
BCM can reduce the likelihood of a breach by 32% in the coming two years, according to the report. The alleviated data breach costs associated with BCM demonstrate the business value of incident response planning, including automation and orchestration solutions in disaster recovery, wrote Larry Ponemon in IT Biz Advisor.
MTTR is an important measurement of cybersecurity efficacy for companies. The more human involvement in the MTTR process, the longer it takes — sometimes expending the process to days or even weeks.
The cloud and DevOps have enabled more moving parts in a business's architecture, increasing the risk of false positives that take time to resolve.
Taking stock of what is on the cloud, conforming to required policies, quick remediation and repair maintenance can help reduce MTTR. Automated tools in the repair maintenance stage are especially helpful and make cloud infrastructure "self-healing."
Follow Alex Hickey on Twitter