At present, every organization is exposed to cyber attacks. In Latin America, a data breach costs an average of 2.8 million dollars, and globally the losses average 4.35 million dollars, according to the IBM Cost of a Data Breach Report 2022.
In Latin America, the most affected sectors are financial, with a cost per record of $109; industrial, with a cost per record of $102; and transportation, with a cost of $84 per record. Excessive privileges on cloud access accounts and the exploitation of vulnerabilities are some of the main causes of attacks and, combined with the growing Internet of Things (IoT), allow this type of scourge to occur more consistently, says Ernesto Rosales, Director of Cybersecurity Operations at Data Warden.
“Currently, when we realize that we are under a security incident, the attacker already has extensive knowledge and a long time within our organization,” Rosales warned during the webinar “How much is your information worth? Shield the digital life of your company”, organized by Alto Nivel.
The average time for this type of attack to be detected is 284 days globally and 316 days in Latin America.
The life cycle of a threat
The life cycle of a threat is called the Cyber Kill Chain, explains the expert. “Days saved are money saved when it comes to a data breach,” Rosales stresses.
The IBM report shows that reducing the time it takes to identify and contain a data breach to 200 days or less can save money. Globally, containing a data breach in 200 days or less reduced the average impact by $1.12 million.
As an organization, one thing we must be clear about is how the attack was triggered. This will allow us to detect vulnerabilities and know what actions to take to avoid a repeat. What has been detected is that stolen or compromised credentials are very costly.
Not only were these one of the most common causes of a data breach, but at 327 days, they took the longest to identify. This attack vector ended up costing $150,000 more than the average cost of a data breach, the IBM report indicates.
In this sense, phishing is relevant because it is how the attacker begins to have access to our facilities, being able to compromise email accounts and even create the conditions to enable ransomware.
Digital transformation strategies are put in place so that the business grows. However, they have not been accompanied by protection mechanisms that eliminate or reduce the risk of an impact on the business.
Nearly half of all data breaches occur in the cloud, Rosales warns.
“Security should be an integral part of the cloud migration process. Unfortunately, integrating security into each step of this migration can be challenging.”
Ernesto Rosales, Director of Cybersecurity Operations at Data Warden.
There are factors that can reduce the impact of a breach:
- Have a DevSecOps approach. Currently, with the migration to the cloud and shared responsibility, in most cases it is no longer up to us to maintain the infrastructure, so the development and operations group needs to have more involvement in the security of the applications.
- Create an incident response group. Assume that sooner or later we will be attacked; having an incident response program will help us respond in a more timely manner and reduce the impact. Senior management needs to be involved. Have a CISO (Chief Information Security Officer) in the organization, who will be the interface between the technical role and the business.
- Automation. Artificial intelligence (AI), machine learning (ML) and SOAR (security orchestration, automation and response) are elements that allow us to identify threats and automate both detection and response.
Mistakes to avoid in terms of digital risk
- We have a CISO, so everything is fine
- Cybersecurity is a computer or IT problem
- We already have the tools (antivirus, firewalls, SOC and CERT)
- The company is too small to be attacked
- The BYOD (Bring Your Own Device) policy is “safe”
- Threats come only from abroad
- The company is 100% secure, no audits or tests are needed
- Our data is in the cloud, everything is fine
- Our data is worthless
- Our service providers are responsible
- Industrial infrastructure is not affected
- We have nothing to hide
We invite you to watch the webinar “How much is your information worth? Shield the digital life of your company” again and avoid being the next victim.