Every monitoring system, issue management tool, ChatOps platform, and collaboration platform talks about how it cuts down on time to identify and resolve a major incident. So how much does quick identification and containment of a data breach or similar issue really matter? A new report says quite a bit.
The Ponemon Institute produces a report every year on the state of data breaches, their frequency and impact, and company responses. The new report, 2017 Cost of Data Breach Study, sponsored by IBM, examines the impact of quick identification and containment of a breach.
Based on surveys of 419 companies from around the world of different sizes and industries, the report reveals that companies that contain a breach within 30 days suffer 25% less cost per record than companies that take longer to contain a breach. If 30 days seems long to you, it seemed long to us too.
The average total cost of a breach when the it is contained within 30 days is $2.83 million U.S., while the average cost when containment takes longer is $3.77 million.
Across all 419 breaches the Ponemon Institute studied, the cost of a breach is actually down from $4 million to about $3.6 million. However, the costs vary by geography, breach size, and industry. Breaches for U.S. companies tend to be larger than in many other countries, which carries an additional risk.
Companies have less than a 1% chance of suffering a breach of more than 100,000 records. But they have a 28% chance of suffering a breach of more than 10,000 records.
The report is a robust piece of research at 36 pages, and we encourage you to read it to get all the information. However, we also have a few recommendations after reading it.
- Have an incident response team: a fully functional incident response team reduced the cost of data breach by $19 from $141 (average) to $122.
- Monitor everything: The average time to identify that a breach had taken place was 190 days in this most recent report, up significantly from 67 in the 2016 report.
- Subscribe the right people to the right alerts: Subscriptions are key to engaging the incident response team, and the time to engage the incident response team can heavily impact the cost of a breach. This is especially true in the United States, where breach sizes and escalation costs are higher than in most other parts of the world.
How xMatters can help you limit the impact of incidents
When you become aware of an incident, finding the right people to resolve it is one of the most important steps in resolving it. If the data your incident team needs is locked within a monitoring solution or another tool, the team could experience delays gaining access and moving the data to other tools.
The xMatters integration platform automates the process of sharing data between tools and identifying the on-call team members to manage the resolution process. Actionable alerts enable team members to do work without toggling between systems, saving valuable time and easily engaging other team members while also preserving conversations and other information. These pieces of information keep customers, team members, and executives informed of progress, keep relevant information in one place for ease of use, and leave a repository of data for the post mortem.