No business wants to suffer a data breach, but unfortunately, avoiding them in today's environment is challenging. Approximately 83% of organisations have experienced more than one data breach. (IBM Security 2022 Cost of a Data Breach Report)

These breaches hurt businesses in many ways:

1. There is the immediate cost of remediating the breach.

2. There are the lost productivity costs.

3. You can add a loss of business on top of that and lost client trust.

4. A business could also have extensive legal fees associated with a breach.

According to IBM Security's report, the cost of a data breach climbed again in 2022. The global cost of one breach is now $4.35 million, up 2.6% from last year. If your business is in the U.S., the price rises to $9.44 million. In Canada, the average data breach costs companies $5.64 million. Costs for smaller companies are lower. But breaches are often more devastating to SMBs because they have different resources than larger companies to offset all those costs.

An estimated 60% of small companies go out of business within six months of a cybersecurity breach. 

Companies don't need to resign themselves to the impending doom of a data breach. There are some proven tactics they can take to mitigate the costs. These cybersecurity practices can limit the damage of a cyberattack.  

All these findings come from the IBM Security report. They include hard facts on the benefits of bolstering your cybersecurity strategy. 

Cybersecurity Tactics to Reduce the Impact of a Breach

Use a Hybrid Cloud Approach

Most organisations use the cloud for data storage and business processes. For example, researchers found that 45% of all data breaches happen in the cloud. But all cloud strategies are not created equally.

Breaches in the public cloud cost significantly more than those in a hybrid cloud. What is a hybrid cloud? It means that some data and processes are in a public cloud, and some are in a private cloud environment. 

What some find surprising is that using a hybrid cloud approach was also better than a private cloud. 

Put in Place an Incident Response Plan & Practice It

You can be a small business with an incident response (IR) plan. The IR plan is simply a set of instructions. It's for employees to follow should any number of cybersecurity incidents occur.

Here is an example. In the case of ransomware, the first step should be disconnecting the infected device. IR plans to improve the speed and effectiveness of a response in the face of a security crisis.

Having a practised incident response plan reduces the cost of a data breach. It lowers it by an average of $2.66 million per incident.

Adopt a Zero Trust Security Approach

Zero trust is a collection of security protocols that fortify a network. An example of a few of these are:

• Multi-factor authentication

• Application safelisting

• Contextual user authentication

Approximately 79% of critical infrastructure organisations still need to adopt zero trust. Doing so can significantly reduce data breach costs. Organisations that don't deploy zero-trust tactics pay about $1 million more per data breach.  

Use Tools with Security AI & Automation

Using suitable security tools can significantly affect the cost incurred during a data breach. Using security AI and automation tools brought the most significant cost savings.

Data breach expenses lowered by 65.2% thanks to security AI and automation solutions. These types of solutions include tools like advanced threat protection (ATP). They can also have applications that hunt out threats and automate the response.  

How to Get Started Improving Your Cyber Resilience

Many of these ways to lower data breach costs are best practices. You can start by taking them one at a time and rolling out upgrades to your cybersecurity strategy.

Working with a trusted IT provider, put together a roadmap. Address the "low-hanging fruit" first. Then, move on to longer-term projects.

For example, "low-hanging fruit" would be implementing multi-factor authentication. It's low-cost and easy to put in place. It also significantly reduces the risk of a cloud breach.

A longer-term project might be creating an incident response plan. Then, you would set up a schedule to have your team drill on the plan regularly. During those drills, you could work out any kinks.

Need Help Improving Your Security & Reducing Risk?

Working with a trusted IT partner takes much of the security burden off your shoulders. Call us today to schedule a chat about a cybersecurity roadmap; contact us.

The article is used with permission from The Technology Press.